Edit Security Manager

Restriction: This topic applies only when the Enterprise Server feature is enabled.

Use this page to amend the details of a security manager.

Name

Specify the name used to identify the security manager.

Module

Specify the module used to access an external security manager or to implement the security rules. If you specify it with a relative path (which includes no path) it is relative to $COBDIR/etc .

Connection Path

If the module requires a connection string that tells it how to connect to the external security manager, specify it here.

The information supplied in the string and its format depend on the module that you are using. For details, please see the documentation supplied with the module.

Authorized ID and Password

If the module requires credentials to connect to the external security manager, specify them here.

As with the connection path, the content and format of these fields depend on the module that you are using. For details, please see the documentation supplied with the module.

Enabled

Check this to enable this security manager. If it is disabled, it will be ignored by Directory Server and those enterprise servers that reference it.

Cache limit
If the module has a configurable cache for holding responses from the security manager, enter its maximum size in kilobytes here.

Most ESM Modules ignore this parameter. It is supported by the MLDAP ESM Module.

Cache TTL
If the module has a configurable cache for holding responses from the security manager, enter the maximum time in seconds that an entry in the cache can be used to satisfy requests before the details must be requeried from the security manager.

Most ESM Modules ignore this parameter. It is supported by the MLDAP ESM Module.

Note: Enterprise Server and Directory Server also have their own configurable caches for security information. These are checked before submitting queries to the security manager module.
Description

Specify a description of the security manager.

Configuration information

Specify any additional configuration settings that the module requires.

Properties

Click this to access pages for the management of users, groups and resources controlled by this security manager.

Important: You will only be able to manage users, groups and resources where the security manager is on the priority list used by Directory Server. That is:
  • if Directory Server uses the Default ES Security configuration, the security manager must be on the Default ES Security manager list
  • if Directory Server uses its own configuration options, the security manager must be on the Directory Server's own security manager list

In addition, the ESM module and the external security manager to which it connects must also support user, group and resource administration via the Security Facility.