All deployments of Instant Messaging require a directory server. In a deployment without Sun JavaTM System Access Manager, the Instant Messaging server uses the directory server to perform end-user authentication and to search for end users.
In a deployment with Sun Java System Portal Server, the Instant Messaging server uses the directory used by Sun Java System Portal Server. When installed in an Access Manager deployment environment, the Instant Messaging server uses the directory used by the Access Manager to search for end users, and not for end-user authentication. In an Access Manager deployment, Access Manager performs the authentication.
If you use an LDAP directory to maintain your user namespace, the default configuration makes the following assumptions regarding the schema used by this directory:
End user entries are identified by the inetOrgPerson object class.
Group entries are identified by the groupOfUniqueNames or groupofURLs object class.
Instant Messenger user ID attribute of an end user is provided by the uid attribute (from inetOrgPerson objectclass).
The email address of an end user is provided by the mail attribute.
The display name of an end user or group is provided by the cn attribute.
The list of members of a group is provided by the uniqueMember attribute (groupOfUniqueNames object class).
You can change these default settings by editing the iim.conf file. See iim.conf File Syntax.
Some user attributes may contain confidential information. Ensure that your directory access control is set up to prevent unauthorized access by non-privileged users. Refer to your directory documentation for more information.