LDAP Directory Data Source

Property

Value

Description

ume.ldap.access.action_retrial

Default value is 2.

In a high availability scenario: Number of times UME repeats an action on the LDAP directory server, before switching to another server and reinitializing the connection pools.

In a scenario with only one LDAP server: Number of times UME repeats an action on the LDAP directory server before throwing an exception.

ume.ldap.access.auxiliary_naming_attribute.<X>

(where <X> = grup, uacc or user)

 

Auxiliary naming attribute of principal type (group, user account, or user).

ume.ldap.access.auxiliary_objectclass.<X>

(where <X> = grup, uacc or user)

 

Auxiliary object class of principal type (group, user account, or user).

ume.ldap.access.base_path.grup

 

Distinguished name of the directory branch where information about groups is stored.

If you have a ‘groups in a tree’ hierarchy, this property must have the same value as ume.ldap.access.base_path.user.

Example

ou=CorporateGroups,c=us,o=mycompany

ume.ldap.access.base_path.user

 

Distinguished name of branch of directory where information about users is stored.

If you have a ‘groups in a tree’ hierarchy, this property must have the same value as ume.ldap.access.base_path.grup.

Example

ou=CorporateUsers,c=us,o=mycompany

ume.ldap.access.base_path.uacc

 

Distinguished name of the directory branch where information about user accounts is stored.

ume.ldap.access.creation_path.grup

 

Path where new groups are created.

This path must be relative to the path defined in ume.ldap.access.base_path.grup.

If this property is not defined, groups are stored in the path defined in ume.ldap.access.base_path.grup.

If the properties are set as follows:

ume.ldap.access.base_path.grup=ou=Groups,c=us,o=mycompany

ume.ldap.access.creation_path.grup=ou=NewGroups

New groups are created at ou=NewGroups,ou=Groups,c=us,o=mycompany

ume.ldap.access.creation_path.uacc

 

Path where new user accounts are created.

This path must be relative to the path defined in ume.ldap.access.base_path.uacc.

If this property is not defined, user accounts are stored in the path defined in ume.ldap.access.base_path.uacc.

ume.ldap.access.creation_path.user

 

Path where new users are created.

This path must be relative to the path defined in ume.ldap.access.base_path.user.

If this property is not defined, users are stored in the path defined in ume.ldap.access.base_path.user.

ume.ldap.access.default_switch

Default value is 10.

Only required in a high availability scenario.

Time in minutes after which UME tries to reconnect to the main LDAP server.

ume.ldap.access.flat_group_hierachy

Default is TRUE.

TRUE = A flat hierarchy is used.

FALSE = A ‘groups as tree’ hierarchy is used.

 

ume.ldap.access.naming_attribute.grup

<comma-separated_list_of_attributes>

Naming attribute of groups.

In the LDAP directory a group is uniquely identified by its distinguished name (DN). The naming attribute is the attribute used to distinguish the group from the next level above it in the LDAP directory.

Example

If a group’s DN is ou=mygroup, ou=CorporateGroups,c=us,o=mycompany, the naming attribute for groups is ou.

ume.ldap.access.naming_attribute.uacc

<comma-separated_list_of_attributes>

Naming attribute of user accounts.

ume.ldap.access.naming_attribute.user

<comma-separated_list_of_attributes>

Naming attribute of users.

ume.ldap.access.objectclass.grup

<comma-separated_list_of_object_classes>

Object class of groups.

ume.ldap.access.objectclass.uacc

<comma-separated_list_of_object_classes>

Object class of user accounts.

ume.ldap.access.objectclass.user

<comma-separated_list_of_object_classes>

Object class of users.

ume.ldap.access.password

 

Password of the user that is used to connect (bind) to the LDAP directory server.

ume.ldap.access.server_name

 

Name of the LDAP directory server.

For a high availability scenario, you can enter a comma-separated list of LDAP directory servers.

ume.ldap.access.server_port

 

Port of the LDAP directory server.

For a high availability scenario, you can enter a comma-separated list of ports for the LDAP directory servers (in the same order as the servers).

ume.ldap.access.server_type

NOVELL = Novell eDirectory

SUN = Sun ONE Directory Server

ADS = Microsoft Active Directory Server

SIEMENS = Siemens DirX

Type of the LDAP directory server.

ume.ldap.access.socket_factory

Default value is com.sun.jndi.ldap.LdapCtxFactory

Socket factory for the LDAP connection.

ume.ldap.access.ssl

Default value is FALSE.

FALSE = Do not use SSL connection to LDAP server.

TRUE = Use SSL connection to LDAP server.

 

ume.ldap.access.ssl_socket_factory

Default value is com.sap.security.ssl.SSLSocketFactory

SSL socket factory for the LDAP connection.

ume.ldap.access.user

 

Distinguished name (DN) of the user that is used to connect (bind) to the LDAP directory server.

Example

cn=Directory Manager

ume.ldap.cache_lifetime

Default value is 600.

Lifetime in seconds of search cache for LDAP directory.

ume.ldap.cache_size

Default value is 100.

Size of search cache for LDAP directory.

ume.ldap.record_access

Default value is FALSE.

TRUE = Trace file is created.

Defines whether a trace file is created containing additional information about the performance of the LDAP directory, for example, which calls are made to the directory server and how long the response times are.

ume.ldap.unique_grup_attribute

 

Attribute used to create unique ID of a group.

ume.ldap.unique_uacc_attribute

 

Attribute used to create unique ID of a user account.

ume.ldap.unique_user_attribute

 

Attribute used to create unique ID of a user. By default, the unique ID is the distinguished name (DN) of the user in the LDAP directory.
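
Added example (not part of the SAP documentation): a Python check that applies the constraints stated in the table above to a set of properties and resolves the DN under which new principals are created. The key=value text format, the function names, the finding names and the sample host names are assumptions made for this illustration.

```python
P = "ume.ldap.access."

def parse_props(text):
    """Parse key=value lines; split on the first '=' only, since DNs contain '='."""
    pairs = (line.strip().partition("=") for line in text.splitlines())
    return {k.strip(): v.strip() for k, sep, v in pairs if sep and not k.startswith("#")}

def norm_dn(dn):
    """Simplified DN comparison: ignore case and spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def creation_dn(props, ptype):
    """Effective DN for new principals: creation_path is relative to base_path."""
    base = props.get(P + "base_path." + ptype, "")
    rel = props.get(P + "creation_path." + ptype, "")
    return rel + "," + base if rel else base

def lint(props):
    findings = []
    count = lambda k: len([v for v in props.get(P + k, "").split(",") if v.strip()])
    # Default is FALSE: the bind DN and password then travel without TLS.
    if props.get(P + "ssl", "FALSE").upper() != "TRUE":
        findings.append("ssl-disabled")
    # High availability: ports are listed in the same order as the servers.
    if count("server_name") != count("server_port"):
        findings.append("server-port-mismatch")
    # A group tree (flat_group_hierachy=FALSE) needs identical base paths.
    if props.get(P + "flat_group_hierachy", "TRUE").upper() == "FALSE":
        grup, user = (props.get(P + "base_path." + t, "") for t in ("grup", "user"))
        if norm_dn(grup) != norm_dn(user):
            findings.append("tree-base-path-mismatch")
    for ptype in ("grup", "uacc", "user"):
        rel = props.get(P + "creation_path." + ptype, "")
        base = props.get(P + "base_path." + ptype, "")
        # A creation_path that already ends with base_path is not relative.
        if rel and base and norm_dn(rel).endswith(norm_dn(base)):
            findings.append("creation-path-not-relative:" + ptype)
    return findings

# Constructed sample values, not taken from a real system.
SAMPLE = """\
ume.ldap.access.server_name=ldap1.example.com,ldap2.example.com
ume.ldap.access.server_port=389
ume.ldap.access.flat_group_hierachy=FALSE
ume.ldap.access.base_path.grup=ou=Groups,c=us,o=mycompany
ume.ldap.access.base_path.user=ou=CorporateUsers,c=us,o=mycompany
ume.ldap.access.creation_path.grup=ou=NewGroups
"""
```

Calling lint(parse_props(SAMPLE)) reports the disabled SSL setting, the server and port lists of different length, and the differing base paths under a group tree; creation_dn resolves new groups to ou=NewGroups,ou=Groups,c=us,o=mycompany.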

 

See Also

LDAP Directory: Connection Pooling
