Sun Java System Instant Messaging 7.2 Administration Guide

Storing Instant Messaging User Properties in LDAP

In a deployment without Sun Java System Access Manager, you can choose to store user properties in LDAP instead of a file (default). You need to run the imadmin assign_services command in order to add required objectclasses to user entries in the directory. These objectclasses are used by Instant Messaging to store user properties in user entries.


Caution –

Some user attributes may contain confidential information. Ensure that your directory access control is set up to prevent unauthorized access by non-privileged users. Refer to your directory documentation for more information.


Procedure: To Store Instant Messaging User Properties in LDAP

  1. In iim.conf, ensure that the iim.policy.modules parameter has a value of iim_ldap.

    See iim.conf File Syntax for information on iim.conf.

  2. In iim.conf, ensure that the iim.userprops.store parameter has a value of ldap.

  3. From the command line, run imadmin with the assign_services option:


    imadmin assign_services
    

    imadmin checks the value of the iim.policy.modules parameter in iim.conf.

  4. Enter the Bind DN and password you want imadmin to use to bind to the directory.

    The Bind DN should have sufficient credentials to modify the directory schema, for example the Directory Manager DN.

  5. Enter the Base DN under which user entries are stored.

    Next, imadmin adds the sunIMUser and sunPresenceUser objectclasses to the user entries in the organization you specified.
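
A pre-flight check for steps 1 and 2, run before imadmin assign_services is given a privileged Bind DN. This is an added example, not part of the original guide or the product; the function names are hypothetical, and it assumes iim.conf lines of the form parameter = "value", comment lines starting with ! or #, and that the last assignment of a parameter wins.

```shell
#!/bin/sh
# Added example: verify iim.conf before running "imadmin assign_services".
# Assumed syntax: key = "value" lines; comment lines start with '!' or '#'.

# Print the effective value of parameter $2 in file $1
# (assumption: last assignment wins; quotes and whitespace are stripped).
iim_conf_get() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                 # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next                  # not an assignment
            k = substr($0, 1, eq - 1)
            v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)     # trim the key
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)   # trim the value (and any CR)
            gsub(/^"|"$/, "", v)               # drop surrounding quotes
            if (k == key) val = v
        }
        END { print val }
    ' "$1"
}

# Return 0 only if both parameters from steps 1 and 2 hold the required values.
iim_ldap_store_ready() {
    conf=$1
    rc=0
    [ "$(iim_conf_get "$conf" iim.policy.modules)" = "iim_ldap" ] || {
        echo "iim.policy.modules is not iim_ldap" >&2; rc=1; }
    [ "$(iim_conf_get "$conf" iim.userprops.store)" = "ldap" ] || {
        echo "iim.userprops.store is not ldap" >&2; rc=1; }
    return $rc
}

# Constructed sample fragment (not from a real deployment): step 2 is not done.
sample=$(mktemp)
cat > "$sample" <<'EOF'
! constructed sample iim.conf fragment
iim.policy.modules = "iim_ldap"
iim.userprops.store = "file"
EOF
if iim_ldap_store_ready "$sample"; then
    echo "iim.conf is ready for imadmin assign_services"
fi
rm -f "$sample"
```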