Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging and Reporting
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. PowerExchange Globalization
  12. Using the PowerExchange ODBC Drivers
  13. PowerExchange Datatypes and Conversion Matrix
  14. Appendix A: DTL__CAPXTIMESTAMP Time Stamps
  15. Appendix B: PowerExchange Glossary

LDAP Search User

LDAP Search User

LDAP servers can be configured with a level of access control that prevents unauthorized access to directory data. As a result, to connect to an LDAP server and search for a PowerExchange user, the PowerExchange Listener or PowerExchange Logger for Linux, UNIX, and Windows uses a search user. A search user is an LDAP user that has access permissions that allow connection to the LDAP server and searching of the relevant LDAP entries. This search user requires credentials so that the LDAP server can authenticate and authorize the connection and search.
To configure the LDAP credentials of the search user in PowerExchange, define the LDAP_BIND_DN statement and the LDAP_BIND_EPWD or LDAP_BIND_PWD statement in the DBMOVER configuration file.
LDAP servers can also be configured for anonymous access. To support this case, define the LDAP_BIND_DN and LDAP_BIND_PWD values to be the empty string.
If you configure LDAP TLS to require client certification and specify a SASL mechanism of EXTERNAL, you do not need to define the LDAP_BIND_DN, LDAP_BIND_EPWD, or LDAP_BIND_PWD statements. In this case, the identity and credentials of the search user are obtained from a client certificate and the LDAP server certificate mapping configuration.