LDAP Authentication Properties for the CDD File
These are LDAP authentication properties used in the CDD file.
Property | Notes |
---|---|
be.auth.ldap.type |
|
Use this property to only if you want to use OpenLDAP for LDAP authentication. The property is not required for Oracle directory server or Windows Active Directory server.
Set his property to
|
|
be.auth.ldap.port |
|
Specifies the port for LDAP authentication. | |
be.auth.ldap.adminDN |
|
Specifies the base distinguished name (DN) for admin login.
For example: cn=Directory Administrators, dc=na, dc=tibco, dc=com. |
|
be.auth.ldap.adminPassword |
|
Specifies the password for the LDAP administrator DN. | |
be.auth.ldap.baseDN |
|
Specifies the base tree in LDAP under which users can be searched. For example,
dc=na, dc=tibco, dc=com .
|
|
be.auth.ldap.roleAttr |
|
Specifies the name of the attribute used by the LDAP server for role information of a user. Set the value to
member for RMS server with OpenLDAP
Default value is
|
|
be.auth.ldap.uidattr |
|
Specifies the name of the attribute used by the LDAP server for user name information. Allowable values are as follows:
Default value is
|
|
be.auth.ldap.useRoleDN |
|
Set this property to true to use the fully qualified name of the attribute used by the LDAP server for role information of a user.
Set this property to false to use only the name of the attribute, which is shown in the notes for the
Default value is
|
|
be.auth.ldap.objectClass |
|
Specifies the
ObjectClass attribute value for DS.
Many object classes can exist, for example,
If search should span all object classes, keep this value empty or specify an asterisk ("*"). |
|
be.auth.ldap.dnAttr |
|
Specifies the name of the attribute that contains the fully qualified name.
Default value is
|
|
be.auth.ldap.ssl |
|
Specifies a secure connection to the LDAP host is to be established.
Default value is
|
|
be.auth.ldap.filter.<attributeName> |
|
While using LDAP for authentication, you can filter users who get access to TIBCO BusinessEvents WebStudio based on their attributes on the LDAP server. The
<attribute> in the property is the name of the attribute. Set the value of the property to the value of the attribute that a user should have to get access to TIBCO BusinessEvents WebStudio.
For example, if you have a large number of LDAP users and they need to be authenticated based on the attribute of their roles, TIBCO BusinessEvents can filter them based on their roles. |