A SERVICE OF

logo

Open as PDF
next previous
Chapter 4. Installing and setting up vendor.connect 93
<property id="ldap_server" value="ldap://server.domain.co.uk/" />
<property id="ldap_base" value="ou=ges,o=geac,c=uk" />
<property id="ldap_bind_dn" value="cn=root" />
<property id="ldap_bind_password" value="password" />
<property id="authorization_group_type" value="businesscategory" />
</directory>
</authentication_context>
Change the ldap.server parameter to the name and domain of the iSeries that is running the
LDAP service. You may also change other LDAP properties if required, for example, LDAP
base.
XML security
If an LDAP server is not present, then you can configure the DEFAULT context to use
/vendorconnect/deployed/UserDirectory.xml as the user directory. Simply edit the following
settings in SecurityManager.xml:
<authentication_context id="XML">
<directory id="file" type="XML">
<property id="file" value="UserDirectory.xml" />
</directory>
</authentication_context>
<authentication_context id="DEFAULT">
<directory id="SecureWay" type="LDAP">
<property id="ldap_server" value="ldap://server.domain.co.uk/" />
etc.
Change the first authentication context id=XML to context id=DEFAULT. Since the context
ID must be unique within the file, change the second authentication context ID immediately to
anything other than DEFAULT as shown in the following example:
<authentication_context id="DEFAULT">
<directory id="file" type="XML">
<property id="file" value="UserDirectory.xml" />
</directory>
</authentication_context>
<authentication_context id="XYZ">
<directory id="SecureWay" type="LDAP">
<property id="ldap_server" value="ldap://server.domain.co.uk/" />
etc.
Create the vcadmin user in UserDirectory.xml. Add the following section to this file, entering
the user password as required:
<entry dn="cn=vcadmin, ou=cad, ou=ges,o=geac,c=uk">
<objectclass>
<oc-value>top</oc-value>
<oc-value>person</oc-value>
<oc-value>organizationalPerson</oc-value>
<oc-value>inetOrgPerson</oc-value>
<oc-value>ePerson</oc-value>
<oc-value>s21User</oc-value>
</objectclass>
<attr name="cn"><value>vcadmin </value></attr>
<attr name="sn"><value>Administrator </value></attr>
<attr name="uid"><value>vcadmin</value></attr>
<attr name="userpassword"><value>anything</value></attr>
</entry>