Specifying the ARSLDAP.INI file
The ARS_LDAP_BIND_MESSAGES_FILE parameter enables Content Manager OnDemand to customize the message text that is displayed to users when the LDAP server reports that their LDAP password is about to expire or their LDAP account is locked.
The messages displayed to users are contained in the file referenced by this parameter. To enable this user-configurable message functionality, create a file with the appropriate message strings, and set ARS_LDAP_BIND_MESSAGES_FILE to the full path of the file. The ARSLDAP.INI file is provided with example message strings that can be used by the ARS_LDAP_BIND_MESSAGES_FILE parameter.
[BIND_MESSAGES]
PASSWORD_EXPIRED="/opt/ibm/ondemand/V10.5/config/password_expired.txt"
ACCOUNT_LOCKED="/opt/ibm/ondemand/V10.5/config/account_locked.txt"
[PASSWORD_EXPIRED]
TDS6="Password has expired"
AD="data 532"
UDEF1=
UDEF2=
UDEF3=
[ACCOUNT_LOCKED]
TDS6="Account is locked"
AD="data 775"
UDEF1=
UDEF2=
UDEF3=
The BIND_MESSAGES section specifies the path to the files containing the user-configurable message text that is displayed to users when their LDAP password is about to expire, or their LDAP account is locked. Generic files are supplied, and should be customized to reflect your actual Content Manager OnDemand environment.
Your LDAP password has expired and needs to be changed.
Log into <company intranet> for password setting instructions.
The entries in the PASSWORD_EXPIRED and ACCOUNT_LOCKED sections are for Tivoli® Directory Server Version 6.x and Microsoft Active Directory (AD). These sections also contain three user-defined entries (UDEFx), allowing you to enter your own pattern strings for LDAP servers that are not directly supported.
The LDAP server may return additional information when the user's bind operation fails. When an error is returned from the LDAP server, Content Manager OnDemand reads the file referenced by the ARS_LDAP_BIND_MESSAGES_FILE parameter and searches under the two stanzas, [PASSWORD_EXPIRED] and [ACCOUNT_LOCKED], for user-defined text that matches the LDAP server error. If a match is found, Content Manager OnDemand will display the text found in the files defined under the [BIND_MESSAGES] stanza.
If the ARS_LDAP_BIND_MESSAGES_FILE parameter is not defined, has no file referenced, or the PASSWORD_EXPIRED or ACCOUNT_LOCKED files do not exist, the user will receive a default 'The server failed while attempting to logon' message.
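The following Python sketch is an added example, not IBM code. It models the lookup described above so that pattern strings, including UDEFx entries, can be checked against a captured bind error before they are deployed. It assumes that a pattern matches when it occurs as a case-sensitive substring of the server error, and that an unmatched error produces the default message; the function names, the sample file, and the error strings are constructed for illustration.

```python
import configparser
import os

DEFAULT_MESSAGE = "The server failed while attempting to logon"  # default quoted on the page
SAMPLE_INI = """[BIND_MESSAGES]
PASSWORD_EXPIRED="{dir}/password_expired.txt"
ACCOUNT_LOCKED="{dir}/account_locked.txt"
[PASSWORD_EXPIRED]
TDS6="Password has expired"
AD="data 532"
UDEF1=
[ACCOUNT_LOCKED]
TDS6="Account is locked"
AD="data 775"
"""  # constructed sample modelled on the page's ARSLDAP.INI; {dir} is filled in at run time

def unquote(value):
    return value.strip().strip('"')

def load_ini(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case (TDS6, AD, UDEF1)
    cp.read_string(text)
    return cp

def classify(cp, ldap_error):
    for stanza in ("PASSWORD_EXPIRED", "ACCOUNT_LOCKED"):  # assumption: substring match
        values = cp[stanza].values() if cp.has_section(stanza) else []
        if any(p and p in ldap_error for p in map(unquote, values)):  # empty UDEFx never matches
            return stanza
    return None

def message_for(cp, ldap_error):
    stanza = classify(cp, ldap_error)
    path = unquote(cp.get("BIND_MESSAGES", stanza, fallback="")) if stanza else ""
    if not path or not os.path.isfile(path):
        return DEFAULT_MESSAGE  # no match, no path, or message file missing
    with open(path, encoding="utf-8") as fh:
        return fh.read().strip()

def build_sample(directory):  # writes only password_expired.txt, so ACCOUNT_LOCKED falls back
    with open(os.path.join(directory, "password_expired.txt"), "w", encoding="utf-8") as fh:
        fh.write("Your LDAP password has expired and needs to be changed.\n")
    return load_ini(SAMPLE_INI.format(dir=directory))
```

Call build_sample() on a scratch directory, then pass a bind error string to message_for() to see which text a user would receive. An error containing "data 775" returns the default message here because account_locked.txt was deliberately not created.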