Configuring Java CAPS Environment Components for Communications Adapters

Configuring LDAP Adapter Properties

The Adapter External System consists of the following property categories.

Configuring Connection Section Properties

The LDAP Adapter Connection Section Properties allow you to define the connection to the LDAP system.

Table 70 LDAP Adapter— Connection Settings

Name 

Description 

Required Value 

Authentication

Allows you to select the authentication to be used (none or simple). Select the desired authentication as follows: 

  • None: No authentication, that is, an anonymous log-on. If you use this setting, ensure that the LDAP server supports anonymous log-ons.

  • Simple: Authentication is based on a user name and password. You must provide the user name and password in the appropriate fields (Principal and Credentials).

Select None or Simple.

The default is None.

Credentials

Allows you to enter the credentials needed when using an authentication mechanism other than anonymous log-in (authentication = None).

The appropriate credentials, in the form of a valid password. 

InitialContextFactory

Allows you to enter the factory to be used for creating the initial context for the LDAP server. By default, the LDAP service provider provided by Sun, as part of the Java Software Developers’ Kit (SDK), is used. 

A valid Java factory name; the default is: 

com.sun.jndi.ldap.LdapCtxFactory

It is recommended that you do not change this value unless you want to use an LDAP service provider other than the one provided by Sun. 

Principal

Allows you to specify the principal needed when using an authentication mechanism other than anonymous log-in (authentication = None).

The fully qualified Distinguished Name (DN) of the user, for example: 

CN=Administrator,CN=Users,DC=stc,dc=com

ProviderURL

Allows you to specify the URL of the LDAP Server. 

A valid URL with the protocol as ldap.

Configuring the Security/SSL Section Properties

The LDAP Adapter Security/SSL Section Properties are used to set the basic security features for SSL. For more information on SSL Section properties, refer to Additional Security/SSL Property Notes in Configuring Java CAPS Project Components for Communication Adapters.

Table 71 LDAP Adapter— Security/SSL Settings

Name 

Description 

Required Value 

JSSE Provider Class

Specifies the fully qualified name of the JSSE provider class. For more information, see the Sun Microsystems Java site at: 

http://java.sun.com/

The name of a valid JSSE provider class; the default is: 

com.sun.net.ssl.internal.ssl.Provider

If you are running the Integration Server on AIX, specify: 

com.ibm.jsse.IBMJSSEProvider

KeyStore

Specifies the default KeyStore file. The keystore is used for key/certificate management when establishing SSL connections. 

A valid package location; there is no default value. 

KeyStore password

Specifies the default KeyStore password. The password is used to access the KeyStore used for key/certificate management when establishing SSL connections; there is no default. 

A valid KeyStore password. There is no default value.

KeyStore type

Allows you to specify the default KeyStore type. The keystore type is used for key/certificate management when establishing SSL connections. If the KeyStore type is not specified, the default KeyStore type, JKS, is used. 

A valid KeyStore type.

KeyStore username

The user name for accessing the keystore used for key/certificate management when establishing SSL connections. 


Note –

If the keystore type is PKCS12 or JKS, the keystore user name property is not used. PKCS12 and JKS keystore types require passwords for access but do not require user names. If you enter a value for this property, it is ignored for PKCS12 and JKS.


A valid KeyStore user name. 

SSL Connection Type

Allows you to specify the type of SSL connection to be used. 

Select None, Enable SSL, or TLS On Demand. Enter the desired value as follows: 

  • None: No SSL, simple plain connection.

  • Enable SSL: SSL is enabled. All communication to the LDAP server uses a secure communication channel.


Note –

If you are using the Enable SSL option, the ProviderURL property must point to a secure LDAP port (the default is 636).


For additional information on required values for this property, see SSL Connection Type. 

SSL Protocol

The SSL protocol to use when establishing an SSL connection with the LDAP server. 

Select one of the following: 

  • TLS

  • TLSv1

  • SSLv3

  • SSLv2

  • SSL

TrustStore

Specifies the default TrustStore. The TrustStore is used for CA certificate management when establishing SSL connections. 

A valid TrustStore file; there is no default value. 

TrustStore password

Allows you to specify the default TrustStore password. The password is for accessing the TrustStore used for CA certificate management when establishing SSL connections. 

A valid TrustStore password; there is no default value. 

TrustStore type

Allows you to specify the TrustStore type of the TrustStore used for CA certificate management when establishing an SSL connection. If the TrustStore type is not specified, the default TrustStore type, JKS, is used. 

A valid TrustStore type. 

Verify hostname

Determines whether the host name verification is done on the server certificate during the SSL handshake. 

You can use this property to enforce strict checking of the server host name in the request URL and the host name in the received server certificate. 

Select True or False.

The default is False.

For additional information on required values for this property, see Verify Hostname.

X509 Algorithm Name

Specifies the X509 algorithm name to use for the trust and key manager factories. 

The name of a valid X509 algorithm.

The default is SunX509. 

If you are running the Integration Server on AIX, specify IbmX509.
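
As an added example (not part of the original documentation and not the adapter's own code), the following Python check reviews a set of Connection and Security/SSL properties from Tables 70 and 71 for combinations that weaken the connection. The dict representation, the function name, and the sample values are assumptions; a missing SSL Connection Type is treated as None.

```python
from urllib.parse import urlparse

# SSLv2 and SSLv3 are prohibited by RFC 6176 and RFC 7568.
BROKEN_PROTOCOLS = {"SSLv2", "SSLv3"}

def audit_ldap_adapter(props):
    """Return (property, finding) pairs for one set of adapter properties.

    `props` is a hypothetical dict keyed by the property names in Tables 70-71.
    Missing Authentication / Verify hostname use the defaults the page states.
    """
    findings = []
    auth = props.get("Authentication", "None")
    ssl_type = props.get("SSL Connection Type", "None")  # assumption: unset = None
    verify = str(props.get("Verify hostname", "False")).lower() == "true"
    port = urlparse(props.get("ProviderURL", "")).port or 389  # ldap:// default

    if auth == "None":
        findings.append(("Authentication", "anonymous log-on; confirm this is intended"))
    elif not (props.get("Principal") and props.get("Credentials")):
        findings.append(("Principal/Credentials", "Simple requires both values"))
    if auth == "Simple" and ssl_type == "None":
        findings.append(("SSL Connection Type", "Simple bind sends the password unencrypted"))

    if ssl_type != "None":
        if ssl_type == "Enable SSL" and port == 389:
            findings.append(("ProviderURL", "Enable SSL needs a secure LDAP port (default 636)"))
        if props.get("SSL Protocol") in BROKEN_PROTOCOLS:
            findings.append(("SSL Protocol", "SSLv2/SSLv3 are prohibited; select TLS"))
        if not verify:
            findings.append(("Verify hostname", "server certificate name is not checked"))
        if not props.get("TrustStore"):
            findings.append(("TrustStore", "no TrustStore set; confirm which CAs are trusted"))
    return findings

# Constructed sample configurations (not from the original page).
BASE = {"Authentication": "Simple", "Credentials": "example-password",
        "Principal": "CN=Administrator,CN=Users,DC=stc,dc=com",
        "SSL Connection Type": "Enable SSL"}
LEGACY = {**BASE, "ProviderURL": "ldap://ldap.example.com:389", "SSL Protocol": "SSLv3"}
HARDENED = {**BASE, "ProviderURL": "ldap://ldap.example.com:636", "SSL Protocol": "TLS",
            "Verify hostname": "True", "TrustStore": "/path/to/truststore.jks"}

if __name__ == "__main__":
    for name, cfg in (("legacy", LEGACY), ("hardened", HARDENED)):
        print(name, audit_ldap_adapter(cfg))
```
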

Configuring the Connection Retry Settings

The LDAP Adapter Connection Retry Settings properties include the following parameters:

Table 72 LDAP External Adapter Properties— Connection Retry Settings

Name 

Description 

Required Value 

Maximum Retries

Maximum number of retries to establish a connection upon failure to acquire one. 

There is no required value. 

The default value is 5.

Retry Interval

The number of milliseconds to wait between connection retries. 

Any valid number. 

The default value is 10000.

Configuring the Connection Pool Settings

The LDAP Adapter Connection Pool Settings properties include the following parameters:

Table 73 LDAP External Adapter Properties— Connection Pool Settings

Name 

Description 

Required Value 

Steady Pool Size

The minimum number of connections that must be maintained in the pool. 

The default value is 1.

Maximum Pool Size

The maximum number of connections allowed in the pool. 0 (zero) indicates that there is no maximum. 

The default value is 10.

Maximum Idle Timeout

The maximum time in seconds that a connection can remain idle in the pool. Zero indicates that there is no limit. 

The default value is 300.


Note –

The current Connection Pool behavior of the LDAP Adapter is as described in the following example. When:

  1. Steady Pool Size is 3.

  2. The number of outbound LDAP connections used in the CMlink is 5.

    At runtime, 3*5=15 connections are established.