...
| User base entry | The location of user entries in the LDAP tree. Specific locations have better performance than global ones. e.g. "ou=people,dc=example,dc=org" |
| User query sub-tree | Whether user entries should be queried in the entire sub-tree of the user base entry (usually true). |
| User search queryfilter | The query search filter to perform use in order to find a user entry based on the login username. Usually the user search query filter combines 2 conditions: First filter the entries based on "objectClass" attribute and then filter the entries based on the login username. Usually user entries may be identified by an "objectClass" of "person", "organizationalPerson" or "inetOrgPerson". The user entry attribute that contains the login username is usually "uid", "sAMAccountName" or "cn". e.g. "(&(objectClass=person)(sAMAccountName={0}))" |
| A user and its password for testing | A real user defined in the LDAP user registry who will be using DPOD - will be used to verify that the configuration is valid |
...
| Group base entry | The location of group entries in the LDAP tree. Specific locations have better performance than global ones. e.g. "ou=groups,dc=example,dc=org" |
| Role query sub-tree | Whether group entries should be queried in the entire sub-tree of the group base entry (usually true). |
| Nested groups | Whether group entries can be nested in each other (usually true). |
| Group search queryfilter | The query search filter to perform use in order to fetch the list of groups a user belongs to once a user has authenticated successfully. Usually the group search query filter combines 2 conditions: First filter the entries based on "objectClass" attribute and then filter the entries based on the authenticated user. Usually group entries may be identified by an "objectClass" of "group" or "groupOfUniqueNames". The group entry attribute that contains its members is usually "member" or "uniquemember". e.g. "(&(objectClass=groupOfUniqueNames)(uniqueMember={1}))" |
...