Enterprise User Security enables you to address administrative and security challenges for a large number of enterprise database users. Enterprise users are those users that are defined in a directory. Their identity remains constant throughout the enterprise. Enterprise User Security relies on Oracle Identity Management infrastructure, which in turn uses an LDAP-compliant directory service to centrally store and manage users. The Eus Workflow Element provides the EUS (Enterprise User Security) functionality.
The Eus Workflow Element adds the required objectclasses to the realm entry and user entries in order to integrate with EUS. It also adds specific controls to enable account lock-out through EUS.
The Eus Workflow Element component inherits from the Simple Workflow Element
A description of each property follows.
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ enabled | ↓ certificate-matching-rule |
| ↓ eus-realm | ↓ java-class |
| ↓ next-workflow-element | ↓ password-attribute |
| ↓ server-type |
| Description | Indicates whether the Workflow Element is enabled for use in the server. If a Workflow Element is not enabled, then its contents are not accessible when processing operations. |
|---|---|
| Default Value | None |
| Allowed Values | true false |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |
| Description | Identifies the part of the DIT the EUS workflow element applies to. The value cannot be the null DN. |
|---|---|
| Default Value | None |
| Allowed Values | A valid DN. |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |
| Description | Defines the next workflow element in the chain of workflow elements. |
|---|---|
| Default Value | None |
| Allowed Values | The DN of any Workflow Element. |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |
| Description | Specifies the type of Directory Server containing the user entries. |
|---|---|
| Default Value | local |
| Allowed Values | ad - The user entries are stored in a separate Microsoft ActiveDirectory LDAP server. edir - The user entries are stored in a separate Novell e-Directory LDAP server. local - The user entries are stored in this server. odsee - The user entries are stored in a separate ODSEE LDAP server. oid - The user entries are stored in a separate OID LDAP server. oud - The user entries are stored in a separate OUD LDAP server. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |
| Description | Specifies the method used for certificate authentication. |
|---|---|
| Default Value | certificate-match |
| Allowed Values | certificate-match - The user entry must contain a usercertificate attribute equal to the provided certificate. certificate-or-dn-match - The user entry must contain a usercertificate attribute equal to the provided certificate, or have a DN equal to the Subject DN of the provided certificate. dn-match - The user entry must have a DN equal to the Subject DN of the provided certificate. mapper-match - The user entry must be mapped to the provided certificate using the certificate mapper. mapper-or-certificate-or-dn-match - The user entry must be mapped to the provided certificate using the certificate mapper, or contain a usercertificate attribute equal to the provided certificate, or have a DN equal to the Subject DN of the provided certificate. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |
| Description | Specifies the fully-qualified name of the Java class that provides the Eus Workflow Element implementation. |
|---|---|
| Default Value | org.opends.server.workflowelement.ovdplugin.eus.EusWorkflowElement |
| Allowed Values | A java class that implements or extends the class(es) : org.opends.server.workflowelement.WorkflowElement |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |
| Description | Specifies the attribute type used to hold EUS user passwords. This attribute type must be defined in the server schema, and it must have either the user password or auth password syntax. |
|---|---|
| Default Value | userpassword |
| Allowed Values | The name of an attribute type defined in the server schema. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |