LDAP and User Registration Configuration Parameters

iim_ldap.host

localhost:389

LDAP server name and port used by Instant Messaging server for end-user authentication.

iim_ldap.searchbase

o=internet

The string used as base to search for the end users and groups on the LDAP server. 

iim_ldap.usergroupbinddn

None (the server performs anonymous searches) 

Specifies the DN to use to bind to the LDAP server for searches.

iim_ldap.usergroupbindcred

None (the server performs anonymous searches) 

Specifies the password to use with the iim_ldap.usergroupbinddn DN for LDAP searches.

iim_ldap.loginfilter

(&(|(objectclass=inetorgperson)(objectclass=webtopuser))(uid={0}))

Search filter used during end-user login. The entire filter is entered as one line. 

iim_ldap.usergroupbyidsearchfilter

(|(&(objectclass=groupofuniquenames)(uid={0}))(&(|(objectclass=inetorgperson)(objectclass=webtopuser))(uid={0})))

The search filter used to search for end users and groups in the directory, under the base specified by ID. The entire filter is entered as one line. 

iim_ldap.usergroupbynamesearchfilter

(|(&(objectclass=groupofuniquenames)(cn={0}))

(&(|(objectclass=inetorgperson)(objectclass=webtopuser))(cn={0})))

The search filter used to search for end users and groups in the directory, under the base specified by name. 

iim_ldap.allowwildcardinuid

False

Determines if wildcards should be enabled for UIDs while performing a search. As most directory installations have UIDs indexed for exact searches only, the default value is False. Setting this value to True can impact performance unless UIDs are indexed for substring search.

iim_ldap.userclass

inetOrgPerson,webtopuser

The LDAP class that indicates that an entry belongs to an end user.

iim_ldap.groupclass

groupOfUniqueNames

The LDAP class that indicates that an entry belongs to a group.

iim_ldap.groupbrowsefilter

(objectclass=groupofuniquenames)

The search filter used to browse all groups in the directory, under the specified search base. 

iim_ldap.searchlimit

40

Maximum number of entries to be returned by a search. A value of -1 means search is disabled on this server and a value of 0 indicates unlimited search.

iim_ldap.userdisplay

cn

LDAP attribute to use for display name of end users.

iim_ldap.groupdisplay

cn

LDAP attribute to use for display name of groups.

im_ldap.useruidattr

uid

LDAP attribute used as end users’ UID.

im_ldap.groupmemberattr

uniquemember

LDAP attribute that gives the list of members of a group.

iim_ldap.usermailattr

mail

LDAP attribute that should contain end users’ provisioned email addresses. Used when the email message is sent to an offline end user.

iim_ldap.userattributes

None 

LDAP attribute that contains the list of custom attributes from the LDAP user entry.

iim_ldap.groupattributes

None 

LDAP attribute that contains the list of custom attributes from the LDAP group entry.

iim_ldap.groupmemberurlattr

None 

The membership attribute of a dynamic group, which contains the LDAP filter or the LDAP URL.

iim_ldap.useidentityadmin

The default value is true, if you chose to leverage an Access Manager deployment for policy when you ran the configure utility. Otherwise, the default value is false.

If the value is true then the Access Manager Administrator credentials will be used to bind to the Directory Server.

iim.register.enable

None 

If TRUE, the server allows new Instant Messaging end users to register themselves (add themselves to the directory) using Instant Messenger.

iim_ldap.register.basedn

None 

If self-registration is enabled, the value of this parameter is the DN of the location in the LDAP directory in which person entries are stored. For example:

"ou=people,dc=siroe,dc=com"

iim_ldap.register.domain

None 

The domain to which new users will be added. For example, directory.siroe.com.