Sample LDAP configurations
The Content Manager OnDemand user ID named QONDADM is not subject to LDAP authentication.
The initial bind LDAP user ID and password (ARS_LDAP_BIND_DN and ARS_LDAP_BIND_DN_PWD) are
no longer specified in the ARS.CFG file. The initial bind LDAP user ID and password are stored in
the instance stash file by using the ARSSTASH command. If ARS_LDAP_ALLOW_ANONYMOUS is set to FALSE,
both values must exist in the stash file or LDAP authentication fails. You can view the LDAP
parameters in the "Configuring the ARS.CFG file" section of the IBM Content Manager OnDemand for i
Common Server: Planning and Installation Guide.
Anonymous Bind LDAP Server
ARS_LDAP_SERVER=ldap1.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=ou=yourgroup,o=yourcompany.com
ARS_LDAP_BIND_ATTRIBUTE=mail
ARS_LDAP_MAPPED_ATTRIBUTE=userid
ARS_LDAP_ALLOW_ANONYMOUS=TRUE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
Microsoft Active Directory (AD) Server
ARS_LDAP_SERVER=adserver.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=dc=ondemand,dc=yourdomain,dc=local
ARS_LDAP_BIND_ATTRIBUTE=sAMAccountName
ARS_LDAP_MAPPED_ATTRIBUTE=sAMAccountName
ARS_LDAP_ALLOW_ANONYMOUS=FALSE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
Microsoft Active Directory Lightweight Directory Services (ADAM) Server
ARS_LDAP_SERVER=adamserver.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=ou=yourlocation,o=yourcompany
ARS_LDAP_BIND_ATTRIBUTE=mail
ARS_LDAP_MAPPED_ATTRIBUTE=cn
ARS_LDAP_ALLOW_ANONYMOUS=FALSE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
IBM® Tivoli® Directory Server with SSL
ARS_LDAP_SERVER=yourtds.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=TRUE
ARS_LDAP_KEYRING_FILE=/usr/lpp/ars/config/ondemand.kdb
ARS_LDAP_KEYRING_LABEL=LDAP Label
ARS_LDAP_BASE_DN=ou=yourlocation,o=yourcompany
ARS_LDAP_BIND_ATTRIBUTE=email
ARS_LDAP_MAPPED_ATTRIBUTE=sn
ARS_LDAP_ALLOW_ANONYMOUS=FALSE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
Novell eDirectory Server
ARS_LDAP_SERVER=yournds.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=ou=yourlocation,o=yourcompany
ARS_LDAP_BIND_ATTRIBUTE=mail
ARS_LDAP_MAPPED_ATTRIBUTE=cn
ARS_LDAP_ALLOW_ANONYMOUS=FALSE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
Oracle Sun Java™ Directory Server (ODSEE)
ARS_LDAP_SERVER=yourjds.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=ou=boulder,o=yourcompany
ARS_LDAP_BIND_ATTRIBUTE=mail
ARS_LDAP_MAPPED_ATTRIBUTE=cn
ARS_LDAP_ALLOW_ANONYMOUS=FALSE
ARS_LDAP_BIND_MESSAGES_FILE=
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
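
Reviewing LDAP settings
The following script is an added example, not part of the IBM documentation or product. It reads ARS.CFG-style settings and lists the ones from the samples above that deserve a review: bind credentials left in the file instead of the stash file, SSL turned off, anonymous initial bind, and user IDs other than QONDADM in ARS_LDAP_IGN_USERIDS. Assumptions: the function names, the "#" comment handling, the constructed sample input, and the reading of ARS_LDAP_IGN_USERIDS as a list of IDs that skip LDAP authentication.

```python
# Added example (not IBM code): review ARS.CFG-style LDAP settings.
# Constructed sample: the anonymous-bind settings above plus a leftover bind DN.
SAMPLE_CFG = """\
ARS_LDAP_SERVER=ldap1.yourcompany.com
ARS_LDAP_PORT=
ARS_LDAP_USE_SSL=FALSE
ARS_LDAP_BASE_DN=ou=yourgroup,o=yourcompany.com
ARS_LDAP_ALLOW_ANONYMOUS=TRUE
ARS_LDAP_BIND_DN=cn=binduser,o=yourcompany.com
ARS_LDAP_IGN_USERIDS=QONDADM,user1,user2
"""

def parse_cfg(text):
    """Return {KEY: value} from KEY=value lines (assumed: '#' starts a comment)."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            settings[key.strip().upper()] = value.strip()
    return settings

def audit_ldap(settings):
    """Return (key, finding) pairs for LDAP settings that need review."""
    findings = []
    for key in ("ARS_LDAP_BIND_DN", "ARS_LDAP_BIND_DN_PWD"):
        if key in settings:
            findings.append((key, "bind credential in ARS.CFG; store it with ARSSTASH"))
    if settings.get("ARS_LDAP_USE_SSL", "").upper() != "TRUE":
        findings.append(("ARS_LDAP_USE_SSL", "binds to the LDAP server do not use SSL"))
    if settings.get("ARS_LDAP_ALLOW_ANONYMOUS", "").upper() == "TRUE":
        findings.append(("ARS_LDAP_ALLOW_ANONYMOUS", "initial bind is anonymous"))
    # Assumption: IDs listed here skip LDAP authentication, as the page says of QONDADM.
    ids = [u.strip() for u in settings.get("ARS_LDAP_IGN_USERIDS", "").split(",")]
    extra = [u for u in ids if u and u.upper() != "QONDADM"]
    if extra:
        findings.append(("ARS_LDAP_IGN_USERIDS", "review exempt IDs: " + ",".join(extra)))
    return findings

if __name__ == "__main__":
    for key, finding in audit_ldap(parse_cfg(SAMPLE_CFG)):
        print(f"{key}: {finding}")
```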