Description of configuration properties
Sometimes it is hard to know what properties to use to get the LDAP configuration to work as expected. If you do not have detailed knowledge of the LDAP configuration we recommend that you use a third-party tool to test the configuration values before deploying the LDAP Session Provider. One such third-party tool is Apache Directory Studio. The configuration properties consist of general properties (which apply to the entire LDAP Session Provider), and connection properties.
General properties
The general properties apply to the LDAP Session Provider and the deployment itself. The general properties do not contain any LDAP connection data.
| Property | Description |
|---|---|
| com.sun.jndi.ldap.connect.pool |
LDAP connection pooling is a way to limit the number of used LDAP connections by reusing them. You cannot use the pool if any LDAP connection is configured for START_TLS. Default value: false if START_TLS is used, true otherwise. |
| auto.update.certificates |
This property determines whether the LDAP server certificates must be automatically retrieved and put into the truststore during startup. Default value: false. |
| grant.session.provider | This property determines whether the standalone deployment must try to automatically grant the LDAP Session Provider as the active session provider. It can only be granted if there is no currently granted session provider. If the LDAP Session Provider is granted this way, the admin users specified in the admin.user.* properties are mapped to the grid-admin role. |
| admin.user.* |
This is a multi-value property. The property is post-fixed with an index starting with 0 and incremented by 1 for each value specified. See the example property file above. If the user is specified in the "domain\user" format, two backslashes are required to get the desired behavior (that is, "domain\\user"). |
| num.ldap.configs | This property tells the standalone deployment profile the number of LDAP server domains/configurations to look for in the property file. The deployment fails if this property does not match the number of provided configurations. |