Table A–2 lists and describes the parameters used by Instant Messaging for LDAP, user registration, and user source configuration.
Table A–2 LDAP, User Registration, and Source Configuration Parameters
Parameter |
Default Value |
Description |
---|---|---|
iim_ldap.host |
localhost:389 |
LDAP server name and port used by Instant Messaging server for end-user authentication. |
iim_ldap.searchbase |
o=internet |
The string used as base to search for the end users and groups on the LDAP server. |
iim_ldap.usergroupbinddn |
None (the server performs anonymous searches) |
Specifies the DN to use to bind to the LDAP server for searches. |
iim_ldap.usergroupbindcred |
None (the server performs anonymous searches) |
Specifies the password to use with the iim_ldap.usergroupbinddn DN for LDAP searches. |
iim_ldap.loginfilter |
(&(|(objectclass=inetorgperson)(objectclass=webtopuser))(uid={0})) |
Search filter used during end-user login. The entire filter is entered as one line. |
iim_ldap.usergroupbyidsearchfilter |
(|(&(objectclass=groupofuniquenames)(uid={0}))(&(|(objectclass=inetorgperson)(objectclass=webtopuser))(uid={0}))) |
The search filter used to search for end users and groups in the directory, under the base specified by ID. The entire filter is entered as one line. |
iim_ldap.usergroupbynamesearchfilter |
(|(&(objectclass=groupofuniquenames)(cn={0})) (&(|(objectclass=inetorgperson)(objectclass=webtopuser))(cn={0}))) |
The search filter used to search for end users and groups in the directory, under the base specified by name. |
iim_ldap.allowwildcardinuid |
False |
Determines if wildcards should be enabled for UIDs while performing a search. As most directory installations have UIDs indexed for exact searches only, the default value is False. Setting this value to True can impact performance unless UIDs are indexed for substring search. |
iim_ldap.userclass |
inetOrgPerson,webtopuser |
The LDAP class that indicates that an entry belongs to an end user. |
iim_ldap.groupclass |
groupOfUniqueNames |
The LDAP class that indicates that an entry belongs to a group. |
iim_ldap.groupbrowsefilter |
(objectclass=groupofuniquenames) |
The search filter used to browse all groups in the directory, under the specified search base. |
iim_ldap.searchlimit |
40 |
Maximum number of entries to be returned by a search. A value of -1 means search is disabled on this server and a value of 0 indicates unlimited search. |
iim_ldap.userdisplay |
cn |
LDAP attribute to use for display name of end users. |
iim_ldap.groupdisplay |
cn |
LDAP attribute to use for display name of groups. |
im_ldap.useruidattr |
uid |
LDAP attribute used as end users’ UID. |
im_ldap.groupmemberattr |
uniquemember |
LDAP attribute that gives the list of members of a group. |
iim_ldap.usermailattr |
|
LDAP attribute that should contain end users’ provisioned email addresses. Used when the email message is sent to an offline end user. |
iim_ldap.userattributes |
None |
LDAP attribute that contains the list of custom attributes from the LDAP user entry. |
iim_ldap.groupattributes |
None |
LDAP attribute that contains the list of custom attributes from the LDAP group entry. |
iim_ldap.groupmemberurlattr |
None |
The membership attribute of a dynamic group, which contains the LDAP filter or the LDAP URL. |
iim_ldap.useidentityadmin |
The default value is true, if you chose to leverage an Access Manager deployment for policy when you ran the configure utility. Otherwise, the default value is false. |
If the value is true then the Access Manager Administrator credentials will be used to bind to the Directory Server. |
iim.register.enable |
None |
If TRUE, the server allows new Instant Messaging end users to register themselves (add themselves to the directory) using Instant Messenger. |
iim_ldap.register.basedn |
None |
If self-registration is enabled, the value of this parameter is the DN of the location in the LDAP directory in which person entries are stored. For example: "ou=people,dc=siroe,dc=com" |
iim_ldap.register.domain |
None |
The domain to which new users will be added. For example, directory.siroe.com. |