Identify values for the following parameters in iim.conf:
iim_ldap.usergroupbinddn - Specifies the distinguished name (dn) to use to bind to the directory for searches.
iim_ldap.usergroupbindcred - Specifies the password to use with the distinguished name (dn).
For example:
iim_ldap.usergroupbinddn="cn=iim server,o=i-zed.com"
iim_ldap.usergroupbindcred=secret
You do not have to use administrator-level credentials with write level access, as all that is necessary is read access to the domain tree. Thus, if there is an LDAP user with read level access, use its credentials instead. This is a safer alternative as it does not force you to disseminate the administrator-level credentials.
See iim.conf File Syntax for instructions on locating and modifying iim.conf.
In a deployment with Sun Java System Access Manager, if the directory is not searchable by anonymous users:
Edit iim.conf.
See iim.conf File Syntax for instructions on locating and modifying iim.conf.
If the iim_ldap.usergroupbinddn and iim_ldap.usergroupbindcred parameters do not appear in iim.conf, you can add them anywhere in the file.