Sun Java System Instant Messaging 7.2 Administration Guide

Overview of how Instant Messaging Uses LDAP

All deployments of Instant Messaging require a directory server. In a deployment without Sun JavaTM System Access Manager, the Instant Messaging server uses the directory server to perform end-user authentication and to search for end users.

In a deployment with Sun Java System Portal Server, the Instant Messaging server uses the directory used by Sun Java System Portal Server. When installed in an Access Manager deployment environment, the Instant Messaging server uses the directory used by the Access Manager to search for end users, and not for end-user authentication. In an Access Manager deployment, Access Manager performs the authentication.

If you use an LDAP directory to maintain your user namespace, the default configuration makes the following assumptions regarding the schema used by this directory:

You can change these default settings by editing the iim.conf file. See iim.conf File Syntax.

Caution – Caution –

Some user attributes may contain confidential information. Ensure that your directory access control is set up to prevent unauthorized access by non-privileged users. Refer to your directory documentation for more information.