Setting Up the LDAP Directory

When you implement LDAP authentication, users are authenticated through a directory. This topic describes how to set up the directory to do the following:

• Authenticate users through the directory.

• Allow self-registration.

• Use the Siebel user ID as the user name.

This task is a step in Process of Implementing LDAP Security Adapter Authentication.

The following procedure describes how to set up the LDAP directory. For more information about setting up the directory, review About Setting Up the LDAP Directory.

To set up the LDAP directory

1. Determine the Base Distinguished Name, that is, the location in the directory in which to store users. For details, see the Base Distinguished Name (DN) parameter description in Server Parameters for Siebel Gateway.

   You cannot distribute the users of a single Siebel application in more than one base DN. However, you can store multiple Siebel Business Applications’ users in one base DN or in substructures such as organization units (OU), which are used for LDAP.

2. Define the attributes to use for the following user data. Create new attributes if you do not want to use existing attributes. Suggested attributes to use are as follows:

   • Siebel user ID. Suggested attribute: uid for LDAP.

   • Database account. Suggested attribute: dbaccount.

   • Password. Suggested attribute (for LDAP only): userPassword.

   Optionally, use other attributes to represent first name, last name, or other user data.