Directory Settings

The table below details the directory settings for a project. The name, variable name, variable type, description, and default are defined for each setting.

Note: Your Watson™ Explorer Engine search application may or may not require the configuration of these parameters. If the description of the parameters listed here does not clearly identify its potential use in your search application, please contact IBM support for clarification.

Table 1. Directory Settings
Setting Name	Type	Description
Directory hostname (directory.hostname)	string	The hostname (or IP) of the directory server (LDAP, Active Directory)
Directory port (directory.port)	number	The port of the directory server to which the LDAP query should be sent Default: 389
Directory search base DN (directory.search-base)	string	LDAP Distinguished Name (DN) identifying the base object of the LDAP search. The DN of the main domain may work, e.g., `dc=mydomain,dc=com` (though it may not be the most efficient) but may generate a `(39) LDAP remote: Operations Error` error in which case you'll need to specify a more specific object, e.g., `ou=Users,dc=mydomain,dc=com`.
Binding username (DN) (directory.binding-username)	string	Username used to bind to the directory service. In most cases this is a Distinguished Name (the logon name may sometimes work with active directory - though unlike general Windows logon it is case sensitive - but it is recommended to use the DN which always works). The format of the base DN depends on your LDAP server configuration, but here are some examples of common formats: If you use Microsoft Active Directory, a typical format for the user name is `CN=Administrator,CN=Users,DC=analytics,DC=location,DC=org,DC=com`. In UPN format, this user name is shown as `Administrator@analytics.location.org.com`. If you use IBM® Lotus® Domino®, a typical format for the user name is `cn=admin,o=analytics`. In the Domino server, this user name is shown as `admin/analytics`. If you use IBM Tivoli® Directory Server, a typical format for the user name is `uid=administrator,o=analytics`.
Binding password (directory.binding-password)	password	Password used to bind to the directory service.
Number of seconds to cache directory groups (directory.groups-cache-secs)	number	Watson Explorer Engine will cache the directory groups in the user profile for this number of seconds. This avoids putting too much strain on the directory server. Default: 86400
Directory username (directory.username)	string	The username used to retrieve the user profile from the directory. By default this will be populated with the "username" part of the login name.
Directory domain (directory.domain)	string	The default domain in which the directory groups belong. If not specified, the domain part of the `username` will be used. If you need to go across multiple domains you will need to modify the main directly.
Default Windows groups for authenticated users (directory.default-groups)	separated-enum-set	These are groups that are sometimes implied by Windows. Select the links to display below the form. nt authority\authenticated users: group for all authenticated users, often used in Sharepoint. domain\domain users: all the users of a given domain. everyone: group to which all users belong. Default: authusers domainusers
Directory attribute for username (directory.username-attribute)	string	The attribute of a user directory profile specifying the username. Default: sAMAccountName
Directory attribute for email (directory.email-attribute)	string	The attribute of a user directory profile specifying the user email. Default: mail
Directory attribute for group membership (directory.group-attribute)	string	The attribute of a user directory profile specifying the groups a user belongs to. Default: memberOf