LDAP integration by using configuration scripts
You can run the configuration scripts from the command line to integrate IBM Security Key Lifecycle Manager with LDAP by using the default configuration settings that are defined in the config.py properties file.
The following example shows the properties that are defined in the config.py file.

```python
import string, sys
LDAP_server_type="IDS"
login_id="uid"
ip="9.x.x.x"
port="389"
gr_name="Group"
pr_name="PersonAccount"
gr_obj_class="groupOfUniqueNames"
pr_obj_class="person"
mem_name="uniqueMember"
mem_obj_class="groupOfUniqueNames"
base_entry="o=ibm.com"
scope="direct"
```

The following table describes the config.py file properties.
| Property | Description |
|---|---|
| LDAP_server_type | Type of the LDAP server that is being used. By default, IDS is specified. |
| login_id | Property name that is used for login. For example, uid and mail. |
| ip | IP address or host name for the primary LDAP server. |
| port | Port number for the LDAP server. |
| gr_name | Name of the entity type. |
| pr_name | Name of the entity type. |
| gr_obj_class | Object class for the entity type. |
| pr_obj_class | Object class for the entity type. |
| mem_name | Name of the LDAP attribute that is used as the group member attribute. For example, member or uniqueMember. |
| mem_obj_class | Group object class that contains the member attribute. For example, groupOfNames or groupOfUniqueNames. If you do not define this parameter, the member attribute applies to all group object classes. |
| scope | The scope of the member attribute. Specify any of the following values for the parameter. |
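
A pre-flight check for config.py that can be run before the configuration scripts, as an added example that is not part of the IBM documentation or the product's scripts. It reads the file with `ast` instead of executing it; the function names, the `SAMPLE` constant and the individual checks are assumptions made for illustration.

```python
import ast
import ipaddress

# Names from the listing on this page; mem_obj_class is optional per the table.
REQUIRED = ("LDAP_server_type", "login_id", "ip", "port", "gr_name", "pr_name",
            "gr_obj_class", "pr_obj_class", "mem_name", "base_entry", "scope")

SAMPLE = '''import string, sys
LDAP_server_type="IDS"
login_id="uid"
ip="9.x.x.x"
port="389"
gr_name="Group"
pr_name="PersonAccount"
gr_obj_class="groupOfUniqueNames"
pr_obj_class="person"
mem_name="uniqueMember"
mem_obj_class="groupOfUniqueNames"
base_entry="o=ibm.com"
scope="direct"
'''  # sample input: the values from the listing on this page

def load_properties(source):
    """Collect NAME="string" assignments without executing the file."""
    props = {}
    for node in ast.parse(source).body:
        if (isinstance(node, ast.Assign) and isinstance(node.targets[0], ast.Name)
                and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str)):
            props[node.targets[0].id] = node.value.value.strip()
    return props

def check_config(source):
    """Return a list of findings; an empty list means every check passed."""
    p = load_properties(source)
    findings = ["missing or empty: " + k for k in REQUIRED if not p.get(k)]
    port, ip = p.get("port", ""), p.get("ip", "")
    if port and not (port.isdecimal() and 1 <= int(port) <= 65535):
        findings.append("port is not a valid TCP port: " + port)
    elif port == "389":
        findings.append("port 389 is the standard unencrypted LDAP port")
    if ip and set(ip.lower()) <= set("0123456789x."):  # dotted-IPv4 shape
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            findings.append("ip is a placeholder or malformed address: " + ip)
    if p.get("mem_obj_class") and p["mem_obj_class"] != p.get("gr_obj_class"):
        findings.append("mem_obj_class differs from gr_obj_class; review mem_name")
    return findings
```
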
If problems occur during LDAP integration when you use the scripts to run the configuration task, you might need to review the following log files in <SKLM_INSTALL_HOME>/bin/LDAPIntegration to diagnose them.
- sklmldapconf.log
- ldaplog.out
For more information about how to run the configuration scripts, see Running the LDAP configuration scripts.