Sun Java System Federation Manager 7.0 User's Guide

Procedure: To Set Active Directory as the Default Authentication Module for an Organization

  1. Use ldapsearch in the following format to find values that begin with iplanet-am-auth-org-config.

    /usr/bin/ldapsearch \
        -b "OU=default,OU=OrganizationConfig,OU=1.0,OU=iPlanetAMAuthService,OU=services,ROOTSUFFIX" \
        -D admin-dn -w admin-password \
        -s base -h AD-host -p AD-port \
        "(objectclass=*)" sunkeyvalue

    The search result looks like this:

    sunkeyvalue=iplanet-am-auth-org-config=<AttributeValuePair><Value>com.sun.identity.authentication.modules.flatfile.FlatFileREQUIRED</Value></AttributeValuePair>

    Save the search result. It is used in the following step as the value for the Delete entry.

  2. Save the following text as a Lightweight Directory Interchange Format (LDIF) file.

    # Delete section: the current value found in step 1
    dn: OU=default,OU=OrganizationConfig,OU=1.0,OU=iPlanetAMAuthService,OU=services,ROOTSUFFIX
    changetype: modify
    delete: sunkeyvalue
    sunkeyvalue: iplanet-am-auth-org-config=<AttributeValuePair><Value>com.sun.identity.authentication.modules.flatfile.FlatFileREQUIRED</Value></AttributeValuePair>

    # Add section: the new value
    dn: OU=default,OU=OrganizationConfig,OU=1.0,OU=iPlanetAMAuthService,OU=services,ROOTSUFFIX
    changetype: modify
    add: sunkeyvalue
    sunkeyvalue: iplanet-am-auth-org-config=<AttributeValuePair><Value>com.sun.identity.authentication.modules.ldap.LDAPREQUIRED</Value></AttributeValuePair>

  3. Type the found values from the previous step into the Delete section of the saved LDIF file.

  4. Type the new values into the Add section of the saved LDIF file.

  5. Run ldapmodify using the LDIF file as input.

    /usr/bin/ldapmodify -h AD-host -p AD-port -D admin-dn -w admin-password -f name-of-LDIF-file
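
The following shell script is an added example, not part of the guide: it builds the LDIF for steps 2 through 4 directly from saved ldapsearch output, so the Delete value is copied from the directory rather than retyped. It goes beyond the procedure in one respect: the delete and the add are written as a single modify record, which LDAP applies as one atomic operation. The function and variable names are hypothetical, and the script assumes each value sits on one line of the search output (no LDIF line folding).

```shell
#!/bin/sh
# Added example, not from the guide. Function and variable names are hypothetical.

# Entry and key from the procedure; ROOTSUFFIX is the guide's placeholder.
ENTRY_DN='OU=default,OU=OrganizationConfig,OU=1.0,OU=iPlanetAMAuthService,OU=services,ROOTSUFFIX'
KEY='iplanet-am-auth-org-config'
# Value from the Add section of the guide's LDIF, joined onto one line.
NEW_VALUE="$KEY=<AttributeValuePair><Value>com.sun.identity.authentication.modules.ldap.LDAPREQUIRED</Value></AttributeValuePair>"

# Constructed sample: the guide's step 1 search result, unwrapped, plus an
# unrelated sunkeyvalue line to show that only the matching key is picked up.
SAMPLE="sunkeyvalue=some-other-key=<AttributeValuePair><Value>x</Value></AttributeValuePair>
sunkeyvalue=$KEY=<AttributeValuePair><Value>com.sun.identity.authentication.modules.flatfile.FlatFileREQUIRED</Value></AttributeValuePair>"

# Print every sunkeyvalue value on stdin that begins with $KEY, one per line.
# Accepts "attr=value" output (as in the guide) and unfolded "attr: value" LDIF.
current_values() {
    sed -n "s/^sunkeyvalue[=:] *\($KEY=.*\)\$/\1/p"
}

# Read search output on stdin and write one modify record to stdout.
# Returns 1 if there is not exactly one current value, 2 if nothing would change.
build_ldif() {
    old=$(current_values)
    if [ "$(printf '%s\n' "$old" | grep -c .)" -ne 1 ]; then
        echo "expected exactly one $KEY value; review the entry by hand" >&2
        return 1
    fi
    if [ "$old" = "$NEW_VALUE" ]; then
        echo "$KEY already has the new value" >&2
        return 2
    fi
    printf 'dn: %s\nchangetype: modify\n' "$ENTRY_DN"
    # The delete value must match the stored value exactly, so it is copied
    # from the search output rather than retyped.
    printf 'delete: sunkeyvalue\nsunkeyvalue: %s\n-\n' "$old"
    printf 'add: sunkeyvalue\nsunkeyvalue: %s\n-\n' "$NEW_VALUE"
}

# Demo on the constructed sample; redirect to a file for ldapmodify -f.
printf '%s\n' "$SAMPLE" | build_ldif
```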