It is possibly to specify configuration parameters for some data sources such as LDAP directories in the UME data source configuration file. These parameters have a higher priority than the parameters specified in the UME properties.
The parameters specified in the data source configuration file only apply to the specified data source.
The tag used to specify these parameters is <privateSection>.
If the implementation class of the data source is
com.sap.security.core.persistence.datasource.imp.LDAPPersistence
you can set the following parameters in <privateSection>.
● ume.ldap.access.action_retrial
● ume.ldap.access.additional_password.1
● ume.ldap.access.additional_password.2
● ume.ldap.access.additional_password.3
● ume.ldap.access.additional_password.4
● ume.ldap.access.additional_password.5
● ume.ldap.access.auxiliary_naming_attribute.grup
● ume.ldap.access.auxiliary_naming_attribute.uacc
● ume.ldap.access.auxiliary_naming_attribute.user
● ume.ldap.access.auxiliary_objectclass.grup
● ume.ldap.access.auxiliary_objectclass.uacc
● ume.ldap.access.auxiliary_objectclass.user
● ume.ldap.access.base_path.grup
● ume.ldap.access.base_path.uacc
● ume.ldap.access.base_path.user
● ume.ldap.access.creation_path.grup
● ume.ldap.access.creation_path.uacc
● ume.ldap.access.creation_path.user
● ume.ldap.access.case_sensetive
● ume.ldap.access.default_switch
● ume.ldap.access.domain_mapping
● ume.ldap.access.flat_group-hierarchy
● ume.ldap.access.multidomain.enabled
● ume.ldap.access.naming_attribute.grup
● ume.ldap.access.naming_attribute.uacc
● ume.ldap.access.naming_attribute.user
● ume.ldap.access.objectclass.grup
● ume.ldap.access.objectclass.uacc
● ume.ldap.access.objectclass.user
● ume.ldap.access.password
● ume.ldap.access.pwd.via.usercontext
● ume.ldap.access.server_name
● ume.ldap.access.server_port
● ume.ldap.access.server_type
● ume.ldap.access.set_pwd
● ume.ldap.access.size_limit
● ume.ldap.access.ssl
● ume.ldap.access.time_limit
● ume.ldap.access.user
● ume.ldap.access.user_as_account
● ume.ldap.blocked_accounts
● ume.ldap.blocked_groups
● ume.ldap.blocked_users
● ume.ldap.cache_lifetime
● ume.ldap.cache_size
● ume.ldap.connection_pool.connection_timeout
● ume.ldap.connection_pool.connect_timeout
● ume.ldap.connection_pool.max_idle_connections
● ume.ldap.connection_pool.max_idle_time
● ume.ldap.connection_pool.max_size
● ume.ldap.connection_pool.max_wait_time
● ume.ldap.connection_pool.min_size
● ume.ldap.connection_pool.monitor_level
● ume.ldap.connection_pool.retrial
● ume.ldap.connection_pool.retrial_interval
● ume.ldap.default_group_member
● ume.ldap.default_group_member.enabled
● ume.ldap.negative_user_filter
● ume.ldap.record_access
● ume.ldap.unique_grup_attribute
● ume.ldap.unique_uacc_attribute
● ume.ldap.unique_user_attribute
You can set a number of these properties in the property sheet for the UME. For more information, see Editing UME Properties.
<dataSource id="CORP_LDAP" |