By default, Dynamo uses a SQL repository to authenticate users and groups and authorize access. You can configure the security mechanism to use the LDAP repository of a Sun ONE Directory Server (formerly iPlanet Directory Server) or Microsoft Active Directory Server instead. An LDAP repository can be used to authenticate users and to authorize access by retrieving users’ privileges from the LDAP directory. For more information about LDAP repositories, see the ATG Repository Guide.
This section describes how to configure Dynamo to use an LDAP repository to authenticate users and roles. The configuration process consists of the following steps:
Configure users and groups on an LDAP server.
Configure base common names. (Microsoft Active Directory only)
Configure a password hasher. (Sun ONE Directory Server 5.0 only)
Configure the
InitialContextEnvironmentcomponent.Create an XML definition file.
Test the connection to the LDAP server.
Configure the
DYNAMO_MODULESvariable.Enable caching of security information.
These steps are described in detail in the following sections.
