Bookshelf v7.5: Creating Users in the Directory

Create three users in the directory, as described in Table 6. The attribute names, such as uid and userPassword in an LDAP directory, are those suggested in this example. Your entries may vary depending on the way that you make attribute assignments in Setting Up the Directory.

Table 6. Directory Records
Type of User	Siebel User ID Attribute (Uid for LDAP or sAMAccountName for ADSI)	Password (UserPassword Attribute for LDAP or ADS Password for ADSI)	Database Account Attribute (Dbaccount)
Anonymous user	Enter the user ID of the anonymous user record for the Siebel application you are implementing. You can use a seed data anonymous user record for a Siebel customer or partner application. For example, if you implement Siebel eService, enter `GUESTCST`. You can create a new user record or adapt a seed anonymous user record for a Siebel employee application. The anonymous user is required even if the application does not allow access by unregistered users. For more information, see Anonymous User.	`GUESTPW` or a password of your choice	username = `LDAPUSER` password=`P`
Application user	`APPUSER` or a name of your choice	`APPUSERPW` or a password of your choice	Database account is not required for the application user.
A test user	`TESTUSER` or a name of your choice	`TESTPW` or a password of your choice	Database account is not required for any user record, except the anonymous user.

The uid or sAMAccountName entries for the application user and test user and the password entry for the test user are only suggested. You may vary those entries.

This example implements a shared credential. The database account for all users is stored in one object in the directory. In this example, the shared database account is stored in the anonymous user record. The database account must match the database account you reserve for externally-authenticated users described in Creating a Database Login. The P symbol represents the password in that database account.

NOTE: In a production environment, do not use the anonymous user as the directory object that contains the shared credential.

For information about formatting requirements for the database account attribute entry, see Requirements for Directory.

CAUTION: Make sure the anonymous user and the application user have write privileges to the directory. (The anonymous user must have write privileges because it is a component of self-registration.) In addition, the application user must have privileges to search all user records.