Administration Console Online Help

Domain-->Security-->Embedded LDAP

Overview

The embedded LDAP server contains user, group, group membership, security role, security policy, and credential map information. By default, each WebLogic Server domain has an embedded LDAP server configured with the default values set for each attribute. The WebLogic Authentication, Authorization, Credential Mapping, and Role Mapping providers use the embedded LDAP server as their database. If you use any of these providers in a new security realm, you may want to change the default values for the embedded LDAP server to optimize its use in your environment.

Tasks

Configuring the Embedded LDAP Server

Attributes

Attribute Label	Description	Value Constraints
Credential	The credential (usually a password) used to connect to the embedded LDAP server. If this password has not been set, WebLogic Server generates a password at startup, initializes the attribute, and saves the configuration to the `config.xml` file. If you want to connect to the embedded LDAP server using an external LDAP browser and the embedded LDAP administrator account (`cn=Admin`), change this attribute from the generated value.	Default: `null` Configurable: yes Encrypted: yes Readable: yes Writable: yes
Backup Hour	The hour at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Backup Minute attribute to determine the time at which the embedded LDAP server data files are backed up. At the specified time, WebLogic Server suspends writes to the embedded LDAP server, backs up the data files into a zip files in the `ldap/backup` directory, and then resumes writes. The default is 23.	Minimum: `0` Maximum: `23` Default: `23` Configurable: yes Readable: yes Writable: yes
Backup Minute	The minute at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Back Up Hour attribute to determine the time at which the embedded LDAP server data files are backed up. The default is 5 minutes.	Minimum: `0` Maximum: `59` Default: `05` Configurable: yes Readable: yes Writable: yes
Backup Copies	The number of backup copies of the embedded LDAP server data files. This value limits the number of zip files in the `ldap/backup` directory. The default is 7.	Minimum: `0` Maximum: `65534` Default: `7` Configurable: yes Readable: yes Writable: yes
Cache Enabled	Specifies whether or not a cache is used with the embedded LDAP server. This cache is used when a managed server is reading or writing to the master embedded LDAP server that is running on the Administration server.	Default: `true` Readable: yes Writable: yes
Cache Size	The size of the cache (in K) that is used with the embedded LDAP server. The default is 32K.	Minimum: `0` Default: `32` Configurable: yes Readable: yes Writable: yes
Cache TTL	The time-to-live (TTL) of the cache in seconds. The default is 60 seconds.	Minimum: `0` Default: `60` Configurable: yes Readable: yes Writable: yes
Refresh Replica At Startup	Specifies whether or not a Managed server should refresh all replicated data at boot time. This attribute is useful if you have made a large number of changes while the Managed server was not active and you want to download the entire replica instead of having the Administration server push each change to the Managed server. The default is false.	Default: `false` Readable: yes Writable: yes
Master First	Specifies that connections to the master LDAP server (running on the Administration server) should always be made instead of connections to the local replicated embedded LDAP server. This causes the Managed server to retrieve security data from the embedded LDAP server in the Administration server instead of going to the local embedded LDAP server that contains a replica of the information in the Administration server.	Default: `false` Readable: yes Writable: yes

Domain-->Security-->Embedded LDAP

Overview

Tasks

Related Topics

Attributes