Indexing Access Manager Attributes in Directory Server
Directory Server indexes improve the performance of searches of Directory Server data. The following table lists the recommended attributes that you should consider indexing for Access Manager (if they are not already indexed).
Table A–1 Recommended Access Manager Attributes to Index in Directory Server|
Attribute |
Index Type |
|
nsroledn |
Equality, Presence, and Substring |
|
memberof |
Equality and Presence |
|
iplanet-am-static-group-dn |
Equality |
|
iplanet-am-modifiable-by |
Equality |
|
iplanet-am-user-federation-info-key |
Equality |
|
sunxmlkeyvalue |
Equality and Substring |
|
o |
Equality, Presence, and Substring |
|
ou |
Equality, Presence, and Substring |
|
sunPreferredDomain |
Equality, Presence, and Substring |
|
associatedDomain |
Equality, Presence, and Substring |
|
sunOrganizationAlias |
Equality, Presence, and Substring |
To Add Indexes to Directory Server
-
Make sure that Directory Server is configured and running.
-
Add indexes using either the Directory Server Console or the ldapmodify command-line utility.
See Table A–1 for a list of the recommended Access Manager attributes to index.
If you use the ldapmodify utility, load the Access Manager index.ldif file, which is available in the following directory, depending on your platform:
-
Solaris systems: /etc/opt/SUNWam/config/ldif
-
Linux and HP-UX systems: /etc/opt/sun/identity/config/ldif
-
Windows systems:javaes-install-dir\identity\config\ldif
javaes-install-dir represents the Java ES 5 installation directory. The default value is C:\Program Files\Sun\JavaES5.
-
-
Restart Directory Server.
- © 2010, Oracle Corporation and/or its affiliates