DirectoryConfigurationIBM Properties

This topic alphabetically lists the properties that apply to the DirectoryConfigurationIBM class.

ClassDescription Property

Specifies a ClassDescription object containing the fixed description (immutable metadata) of the class from which this object is instantiated.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: OBJECT
DeletionAction: NONE
IsHidden: true
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: NOT_PERSISTENT
ReflectiveProperty: null
RequiredClass: ClassDescription
RequiresUniqueElements: false
Settability: READ_ONLY
TargetAccessRequired: READ

DirectoryServerHost Property

Identifies the LDAP directory server or servers to use. See also the DirectoryServerPort property.

The value of this property can be any one of the following:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

DirectoryServerPassword Property

The UTF-8 encoded, non-encrypted user password for authenticating to a given directory server. To maintain password security, you can use this property only to set a password, not to read its value. Instead of returning a password value, this property returns a zero-length byte array if it has been set with a password and returns a null value if it has never been set.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: BINARY
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

DirectoryServerPort Property

The port number of the directory server.

Content Engine ignores this property when the value of the DirectoryServerHost property is a failover list. For information about failover lists, see the DirectoryServerHost property.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: LONG
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
PropertyDefaultInteger32: 389
PropertyMaximumInteger32: 65535
PropertyMinimumInteger32: 1
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

DirectoryServerProviderClass Property

Specifies the directory server provider class name. The value of this property defaults to the following strings for the directory server types that the FileNet® P8 Content Engine supports:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

DirectoryServerType Property

The type of directory server for the directory server configuration. The value for this property is one of the following:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: true
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_ONLY
TargetAccessRequired: READ

DirectoryServerUserName Property

Specifies the user name for authenticating to the directory server. The following are examples of strings for Active Directory and Oracle Directory Server:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

DisplayName Property

The user-readable, provider-specific name of an object. This property is usually the designated Name property of the object's class.

For CmAuditProcessingBookmark and AuditDefinition objects, this property is intended to identify client applications that process the audit log. For CmAuditProcessingBookmark objects, this property, in support of the audit disposition feature, identifies the client that created the object. For AuditDefinition objects, this property identifies a set of audit definitions for a given client or client functionality.

For CmAuditProcessingBookmark and AuditDefinition objects, it is recommended that you set this property. Specify a unique value to distinguish one client application from another. Note, however, that the server does not prevent identical display names across multiple CmAuditProcessingBookmark or AuditDefinition objects. Therefore, the client application is responsible for enforcing uniqueness.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: true
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupBaseDN Property

Specifies the base Distinguished Name (DN) for searching for groups in the directory server.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupDisplayNameAttribute Property

Specifies the directory server attribute to be used as the display name for a group. The default property value is dependent on the directory service type and is specified by the authentication provider's configuration.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupMembershipSearchFilter Property

Specifies the search filter for group membership queries.

The default value of this property is null for Active Directory service provider. The default value for other supported directory service providers is unique to the provider, as follows:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupNameAttribute Property

Defines the directory server attribute to be used as the short name for a group. The default value of this property is samAccountName for the Active Directory service provider and cn for all other supported directory service providers.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupSearchFilter Property

Specifies the search filter for querying a group or groups. The filter must be in the following format: "(&(objectClass=user_defined_class)(an_attribute={0}))", where user_defined_class is the object class you want (for example, user) and an_attribute is the LDAP server-specific attribute (for example, samAccountName, cn, or uid).

The default value of this property is unique to the directory service provider, as follows:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

GroupUniqueIDAttribute Property

Specifies the directory server attribute to be used as the unique identifier for a group, that is, for the Content Engine Group.Id property. The default property value is dependent on the directory server type and is specified by the authentication provider's configuration. See What are access rights? for a list of the default SID attributes for the supported authentication providers.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
TargetAccessRequired: READ

Id Property

A representation of the Globally Unique Identifier (GUID), a unique 128-bit number, that is assigned to this Content Engine object when the object is created. When converted to a string, the Id property is typically depicted as 32 hexadecimal characters enclosed by brackets in the following format: {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}. For example, {3F2504E0-4F89-11D3-9A0C-0305E82C3301}.

For User and Group classes, the Id property takes the value of the Security Identifier (SID) rather than the 128-bit GUID. The string representation of the SID is in this example format: S-1-5-21-1559522492-2815155736-3711640725-55269. When Active Directory is used as the directory service for IBM FileNet P8, calls to User.get_Id() and Group.get_Id() always return the current SID for the principal, even if this user or group has only historical SIDs populating the Active Directory server.

For a given property representation, the Id property has the following characteristics:

For a newly created document object, you can override the Id property of its associated VersionSeries object before you save or check in the document for the first time.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: GUID
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: NOT_PERSISTENT
RequiresUniqueElements: false
Settability: READ_ONLY
TargetAccessRequired: READ

IsSSLEnabled Property

Determines whether the Secure Sockets Layer (SSL) protocol is enabled for instances of this object. The default value is false, indicating that SSL is disabled.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
PropertyDefaultBoolean: false
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

RestrictMembershipToConfiguredRealms Property

Restricts a group membership search to within the realms configured in Administration Console for Content Platform Engine.

A user can be in a configured realm but belong to a group in an unconfigured realm. By default (that is, when the property value is false), the server automatically searches cross-realm group membership (also called cross-domain group membership in Active Directory). If it reaches a realm that is not configured in Administration Console, the server returns a Realm not found error and group membership search processing stops. However, if the property value is true when this situation occurs, the server logs an informational message to the server error log and the group membership search continues.

NOTE This property is not supported for the Windows Active Directory Application Mode (ADAM) directory service provider. This is because ADAM does not support cross-realm group memberships (cross-partition memberships, in ADAM terminology).


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
PropertyDefaultBoolean: false
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

UserBaseDN Property

Specifies the base Distinguished Name (DN) for searching for users in the directory server.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

UserDisplayNameAttribute Property

Specifies the directory server attribute to be used as the display name for a user. The default property value is dependent on the directory server type and is specified by the authentication provider's configuration.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

UserNameAttribute Property

Defines the directory server attribute to be used as the short name for a user. The default value of this property is unique to the directory service provider as follows:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

UserSearchFilter Property

Specifies the search filter for querying a user or users. The filter must be in the following format: "(&(objectClass=user_defined_class)(an_attribute={0}))", where user_defined_class is the object class you want (for example, user or person) and an_attribute is the LDAP server-specific attribute (for example, samAccountName, cn, or uid).

The default value of this property is unique to the directory service provider, as follows:


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
Settability: READ_WRITE
TargetAccessRequired: READ

UserUniqueIDAttribute Property

Specifies the directory server attribute to be used as the unique identifier for a user, that is, for the Content Engine User.Id property. The default property value is dependent on the directory server type and is specified by the authentication provider's configuration. See What are access rights? for a list of the default SID attributes for the supported authentication providers.


AllowsDefaultChange: false
Cardinality: SINGLE
CopyToReservation: false
DataType: STRING
IsHidden: false
IsOrderable: false
IsSearchable: false
IsValueRequired: false
MaximumLengthString: null
ModificationAccessRequired: WRITE
PersistenceType: OWN_COLUMN
RequiresUniqueElements: false
TargetAccessRequired: READ