Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications > Security Adapter Authentication > Setting Up Security Adapter Authentication: A Scenario >
Setting Up the Directory
For purposes of testing the security adapter, this test implementation:
- Authenticates users through the directory.
- Allows self-registration.
- Uses the Siebel User ID as the username.
Determine the base DN, a subdirectory in the directory, to store users. You cannot distribute the users of a single Siebel application in more than one base DN. However, you may store multiple Siebel applications' users in one base DN. For this example, users are stored in the People base DN under the domain level in the sample LDAP directories, or in the Users base DN under the domain level in the sample ADS directory.
Define the attributes to use for the following user data. Create new attributes if you do not want to use existing attributes. For this example, attributes are suggested. Some of the suggested attributes are default attributes in one or more of the supported directories.
- Data: Siebel user ID. Suggested attribute: uid for LDAP or sAMAccountName for ADS.
- Data: Database account. Suggested attribute: dbaccount.
- Data: Password. Suggested attribute for LDAP only: userPassword. ADS does not use an attribute to store a user's password.
Optionally, use other attributes to represent first name, surname, or other user data.
NOTE: To perform user management in the ADS directory through the Siebel client, it is strongly recommended that you configure ADS at the server level for SSL communications between the Active Directory client and server. This is different from SSL communications between the security adapter and the directory, which is configured through Siebel applications and is discussed in Secure Adapter Communications.
Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |