Overview
In this article, you will find a list of the LDAP system properties that you can modify to reset some elements of your LDAP configuration.
Information
These settings are for expert users. If you would like to use the System Properties, go to System > Management > System Properties.
The following table shows you the available settings, their descriptions, and possible values for adjusts.
Property | Meaning | Sample Value(s) |
ldap.ssl.certverification |
The SSL certification verification switch. | By default =true, which verifies the SSL certificate is valid when you are running LDAP over SSL. If you set this to false, you can run in an insecure mode. |
ldap.serverType.id* |
The type of LDAP instance. | 2=AD, 3=openLDAP, 4=other |
ldap.host* |
The hostname of the IP address of the LDAP server. | ldap.jive.com |
ldap.port* |
The port number of the LDAP server | 389 (default) or 636 (SSL) |
ldap.usernameField* |
The LDAP field name used to look up user name values | uid |
ldap.baseDN* |
The Distinguished Name of the base of your LDAP tree. | DC=support, DC=jive, DC=com |
ldap.nameField^ |
The element key for the name attribute. | cn |
ldap.firstNameField^ |
The element key for the First Name attribute. | givenName |
ldap.lastNameField^ |
The element key for the Surname attribute | sn |
ldap.emailField* |
The element key for the Email attribute | |
ldap.connectionPoolEnabled |
Specifies whether to enable connection pooling. | TRUE |
ldap.followReferrals |
Specifies whether LDAP queries will follow referrals. This property should always be set to TRUE for Active Directory. | TRUE |
ldap.adminDN* |
The DN for the LDAP admin user. This user does not need to be a Jive user. | CN=AdminMan,OU=Domain Users,DC=support,DC=jive,DC=com |
ldap.adminPassword* |
The encrypted password for the LDAP admin. | a54313f2d3bc98fb5234566995246c7 |
ldap.adminPassword.key* |
The key used to encrypt the admin password. | |
ldap.adminPassword.encrypted* |
Specifies whether or not the Admin password is encrypted. This property should always be set to TRUE. | TRUE |
ldap.ldapDebugEnabled |
|
FALSE |
ldap.sslEnabled |
Specifies whether to use an SSL connection to communicate with the LDAP server. | FALSE |
ldap.searchFilter |
The filter applied to a remote directory when searching for users | |
ldap.groupNameField |
The field that maps a group to its CN in LDAP. | cn |
ldap.groupMemberField |
The field that maps a group to its members. | member |
ldap.groupDescriptionField |
The field that maps a description of a group. | description |
ldap.posixMode |
|
|
ldap.posixEnabled |
|
FALSE |
ldap.groupSearchFilter^ |
The filter applied to a remote directory when searching for groups. | (objectClass=group) |
ldap.managerField |
Maps the DN of a user's manager. Used when syncing relationship fields. | manager |
ldap.photoField |
Maps a photo to a user's profile. | photo |
ldap.lastUpdatedField |
Used to check if an LDAP record has been updated since the most recent sync. | creationdate |
ldap.userGroupMember^ |
The field that maps a user to a group. This is a user attribute. | memberOf |
ldap.userDN^ |
An RDN (relative to the baseDN) which contains users to sync to SBS. | ou=People |
jive.sync.user.ldap |
Specifies whether user synchronizations are enabled. | TRUE |
jive.sync.relationships.ldap |
Specifies whether user relationships are synchronized from LDAP. | FALSE |
jive.sync.profile.ldap.photo |
Specifies whether profile photos are synchronized from LDAP. | FALSE |
jive.sync.profile.ldap.login |
Specifies whether profiles are synchronized at login. | |
jive.sync.auto.disable |
Specifies whether Jive should disable user accounts which cannot be found in the LDAP directory. | |
jive.sync.auto.disable.att.name |
The name of the attribute which indicates whether or not an account is disabled in LDAP. | userAccountControl |
jive.sync.auto.disable.att.value |
|
514 (See the Article) |
jive.usernames.case.insensitive |
You may need to set this property to FALSE when existing usernames in your Lightweight Directory Access Protocol (LDAP), Active Directory (AD), or single sign-on (SSO) are case sensitive. |
TRUE |
GroupManager.className |
Controls whether or not permission groups are synchronized from LDAP. |
|
Note: Please restart your instance after making any system property change.
Comments
0 comments
Please sign in to leave a comment.