Topic
  • 2 replies
  • Latest Post - ‏2012-10-03T13:59:05Z by welcometo
welcometo
welcometo
4 Posts

Pinned topic How to check which objectClass uses Tivoli Directory server for logins?

‏2012-10-03T13:25:00Z |
I have an requirement: "Change inetOrgPerson to the Object class attribute (for example, the person attribute) by which your Tivoli Directory Server users log in."

But I don't found any information how to found by which objectClass TDS make logins.
Updated on 2012-10-03T13:59:05Z at 2012-10-03T13:59:05Z by welcometo
  • SystemAdmin
    SystemAdmin
    9855 Posts

    Re: How to check which objectClass uses Tivoli Directory server for logins?

    ‏2012-10-03T13:42:07Z  
    The requirement is stated incorrectly - but let me see if I can help you out....

    1.You do not login to an ldap server - you perform a "bind" - there are many ways you can perform this bind in many ways - but for the the simplicity sake I assume simple bind with userid/password.

    What is the userid ? - well a good question - when you perform a bind you need to bind with a DN - eg. uid=myuser,o=myorg,c=mycty. The ldap server will match the credentials against the password and eventual perform the bind.

    The DN you supply will be of some objectclass (it can be many - the important for the ldap server is that it will be ble to math the password - so that is a mandatory attribute in this case) - and this is normally inetorgperson.

    SO - if I understand the the requirement correct what they ask you to do is to change InetorgPerson to another (custom) objectclass if you use such for your user population.

    HTH

    Regards
    Franz Wolfhagen
  • welcometo
    welcometo
    4 Posts

    Re: How to check which objectClass uses Tivoli Directory server for logins?

    ‏2012-10-03T13:59:05Z  
    The requirement is stated incorrectly - but let me see if I can help you out....

    1.You do not login to an ldap server - you perform a "bind" - there are many ways you can perform this bind in many ways - but for the the simplicity sake I assume simple bind with userid/password.

    What is the userid ? - well a good question - when you perform a bind you need to bind with a DN - eg. uid=myuser,o=myorg,c=mycty. The ldap server will match the credentials against the password and eventual perform the bind.

    The DN you supply will be of some objectclass (it can be many - the important for the ldap server is that it will be ble to math the password - so that is a mandatory attribute in this case) - and this is normally inetorgperson.

    SO - if I understand the the requirement correct what they ask you to do is to change InetorgPerson to another (custom) objectclass if you use such for your user population.

    HTH

    Regards
    Franz Wolfhagen
    Hello, Franz.
    I forget to wrote here some addition to requirement:
    Important: If Tivoli Directory Server is configured to use inetOrgPerson for logins, do not change this setting.

    So I don't think I need to create some custom class.
    P.S. this requirement from IBM FileNet installations docs: http://publib.boulder.ibm.com/infocenter/p8docs/v5r1m0/topic/com.ibm.p8.install.doc/p8pin310.htm