Verify LDAP requirements

Verify that the following installation and setup requirements are met. Use the documentation provided with the LDAP to complete the following setup. Record your values in LDAP Installation Values.

  1. AD LDS only: Create an AD LDS administrator user, domain, and password in Windows and install the LDAP as this user. You must supply these values during the Lawson installation.
  2. IBM TDS only: Verify that anonymous access is allowed. Infor Lawson System Foundation uses both anonymous access and named user access to TDS LDAP. Check the ibmslapd.conf file and make sure that the ibm-slapdAllowAnon value is set to TRUE:

    ibm-slapdAllowAnon: TRUE

  3. Verify the LDAP server name and listening port for the LDAP instance.
  4. If you plan to route LDAP transactions through a secure socket (ldaps protocol), you must import a security certificate into the LDAP and add the security certificate information into the Java SDK on your system. Verify that an SSL port for the LDAP instance has been defined.
  5. Define a DN for Lawson data.
    • If you are installing a single Environment with the LDAP instance, you will supply the DN for this location during the Lawson installation.

    • If you are planning to install more than one Environment pointing to the LDAP instance, you must define a unique DN for each Environment plus a DN for resources. The DNs must all reside at the same level within the container.

  6. Define a user with administrative rights to the LDAP server with an Administrator DN and password.

    The administrator must have the following rights to the Lawson repository:

    • Create/read/write/delete rights in the container designated for Lawson data, including the user container.

    • Read access to the schema.

    • Create/read/write/delete rights on any Lawson-owned objects in the user container. If you are consuming an existing LDAP, the administrator does not need create/delete access to Lawson users who are mapped to existing users. The administrator must be able to update non-mapped attributes.

  7. If you plan to consume an existing LDAP user tree or install more than one Environment in an LDAP instance, see Verify LDAP user attributes (optional) for additional requirements.
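
The checks in steps 2 and 5 can be scripted before you start the installation. The following is an added example, not part of the Infor documentation: it reads the text of ibmslapd.conf for the ibm-slapdAllowAnon setting and confirms that the Environment DNs and the resources DN are unique and sit at the same level. The function names, the sample DNs, the case-insensitive DN comparison, and the reading of "same level" as "same parent container" are assumptions.

```python
# Added example: offline pre-flight checks for steps 2 and 5. Sample data is constructed.

def anon_allowed(conf_text):
    """Step 2: True only if ibm-slapdAllowAnon is set to TRUE in ibmslapd.conf text."""
    value = None
    for line in conf_text.splitlines():
        attr, sep, val = line.strip().partition(":")
        if sep and not attr.startswith("#") and attr.strip().lower() == "ibm-slapdallowanon":
            value = val.strip().upper()  # assumption: the last occurrence wins
    return value == "TRUE"

def split_dn(dn):
    """Split a DN into lowercased RDNs, keeping backslash-escaped commas intact."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur, i = cur + dn[i:i + 2], i + 2
        elif dn[i] == ",":
            rdns.append(cur)
            cur, i = "", i + 1
        else:
            cur, i = cur + dn[i], i + 1
    rdns.append(cur)
    return [r.strip().lower() for r in rdns]

def check_dns(env_dns, resources_dn):
    """Step 5: list layout problems; an empty list means the DNs pass."""
    problems, seen = [], set()
    parsed = [(dn, tuple(split_dn(dn))) for dn in [*env_dns, resources_dn]]
    for dn, rdns in parsed:
        if rdns in seen:
            problems.append(f"duplicate DN: {dn}")
        seen.add(rdns)
    # Assumption: "same level" means every DN has the same parent container.
    if len({rdns[1:] for _, rdns in parsed}) > 1:
        problems.append("DNs do not share one parent container")
    return problems

# Constructed sample input (not taken from a real installation).
SAMPLE_CONF = "dn: cn=Configuration\ncn: Configuration\nibm-slapdAllowAnon: TRUE\n"
SAMPLE_ENVS = ["ou=env-prod,dc=example,dc=com", "ou=env-test,dc=example,dc=com"]
SAMPLE_RESOURCES = "ou=resources,dc=example,dc=com"

if __name__ == "__main__":
    print("anonymous access allowed:", anon_allowed(SAMPLE_CONF))
    print("DN problems:", check_dns(SAMPLE_ENVS, SAMPLE_RESOURCES) or "none")
```

To check a real server, pass the contents of its ibmslapd.conf to anon_allowed and the DNs recorded in LDAP Installation Values to check_dns.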