Configure the LDAP Backend

The LDAP backend connects the CA LDAP Server to another LDAP Server, making the CA LDAP Server a client of that LDAP Server. In this manner, you can make the CA LDAP Server the entry point into your directory hierarchy. This configuration lets the CA LDAP Server forward the LDAP operation to another LDAP Server to perform the work. The results are then passed back to the application that made the initial call. This process removes the need to configure referral URLs in the CA LDAP Server. It also removes the need to code referral support in the application that made the original call.
Global Configuration Options
The LDAP Server backend does not use any global options.
Database-Specific Configuration Options
The database-specific options are specific to each remote CA LDAP Server being accessed. This combination of options can be specified multiple times, once per CA LDAP Server.
  • database ldap
    Begins the CA LDAP Server specific options for the CA LDAP Server back end. This option can be configured multiple times, once for each CA LDAP Server that is accessed.
    Default: n/a
    For example:
    database ldap
  • suffix
    Configures the DN that this back end services. This option is used with the database statement. If there are spaces in the DN, put quotes around it.
    Default: n/a
    For example:
    suffix "o=company, c=us"
  • uri
    Configures the URI of the remote CA LDAP Server to communicate with. For example:
    uri ldap://remote_host:remote_port
  • binddn
    Configures the DN used to bind to the remote LDAP Server. For example:
    binddn "cn=userid, o=company, c=us"
  • bindpw
    Configures the password for the LDAP back end binddn. For example:
    bindpw secret
  • bind_pass_through
    Configures the LDAP back end to use the original bind DN to bind to the remote LDAP Server. This option can be used in place of the binddn and bindpw parameters. This option is not enabled by default. For example:
    bind_pass_through
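
The following is an added example, not part of the product or its documentation: a small Python check that reads a configuration using the options described above and reports LDAP back end stanzas that are incomplete, that mix bind_pass_through with binddn/bindpw, or that keep bindpw in the file. The sample configuration, host names, port 389, the `#` comment handling and the function names are assumptions made for the illustration.

```python
import shlex

# Constructed sample configuration (hosts, port and DNs are made up).
SAMPLE = '''
database ldap
suffix "o=company, c=us"
uri ldap://remote_host:389
binddn "cn=userid, o=company, c=us"
bindpw secret
database ldap
suffix "o=partner, c=us"
uri ldap://other_host:389
bind_pass_through
database ldap
suffix "o=broken, c=us"
binddn "cn=userid, o=broken, c=us"
bind_pass_through
'''

def parse_ldap_backends(text):
    """Return one dict of options per 'database ldap' stanza."""
    stanzas, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # '#' comments are an assumption
            continue
        tokens = shlex.split(line)             # keeps quoted DNs with spaces whole
        key, args = tokens[0].lower(), tokens[1:]
        if key == "database":                  # a new stanza starts here
            current = {} if args[:1] == ["ldap"] else None
            if current is not None:
                stanzas.append(current)
        elif current is not None:              # option inside an LDAP stanza
            current[key] = args[0] if args else True
    return stanzas

def audit(stanza):
    """Return a list of findings for one LDAP back end stanza."""
    findings = [f"missing {k}" for k in ("suffix", "uri") if k not in stanza]
    passthru = bool(stanza.get("bind_pass_through"))
    if passthru and ("binddn" in stanza or "bindpw" in stanza):
        findings.append("bind_pass_through used together with binddn/bindpw (ambiguous)")
    elif not passthru and not ("binddn" in stanza and "bindpw" in stanza):
        findings.append("no bind identity: set binddn and bindpw, or bind_pass_through")
    if "bindpw" in stanza:
        findings.append("bindpw stored in cleartext: restrict read access to this file")
    return findings
```

Calling `audit()` on each dict returned by `parse_ldap_backends()` gives an empty list for a stanza that passes every check.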