Creating directory service user (Oracle Internet Directory)
A directory service account that Content Platform Engine uses to connect to the directory server.
Procedure
- Create the following directory server account:
- Directory service (bind) user account (Oracle Internet Directory)
-
- Unique identifier
- cpe_service_user
- Description
- Provide the fully qualified distinguished name of cpe_service_user as the
directory service bind user name while running Configuration Manager and also when you run the
Administration Console for Content Platform Engine Directory Configuration
Wizard.cpe_service_user performs the following roles:
- Acts as the bind user specified by the application server to search through realms to authenticate a user when the user logs in to a Content Platform Engine client.
- Acts as the user specified in the GCD that searches users and groups to authorize access to a specific FileNetĀ® P8 object after a user has been authenticated.
Provide the fully qualified distinguished name of cpe_service_user as the LDAPBindDN while running Configuration Manager and also when you run the Administration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the Administration Console for Content Platform Engine Directory configuration tab.
The Directory Service User cannot be accessed using referrals.
- Minimum required permissions
- Use your directory server's tools to grant cpe_service_user at least the following minimum rights to all entries (including user and group entries) in each security realm that is configured for your FileNet P8 domain: Read, Search, Compare.
Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of cpe_service_user.