Difference between revisions of "ars.cfg"

ars.cfg (view source)

Revision as of 16:24, 24 October 2018

780 bytes added , 16:24, 24 October 2018

Added IBM CMOD LDAP Sync parameters to example section. Updated ARS_LDAP_BIND_MESSAGES_FILE parameter as well. Tweaked formatting of Example block.

Jderrick

Bureaucrats, Administrators

1,126

edits

@@ Line 279: / Line 279: @@
    # LDAP Parameters (Library Server Only)   #
    ###########################################
    ARS_LDAP_SERVER=server1.ldap.example.com
    ARS_LDAP_PORT=
@@ Line 287: / Line 287: @@
    ARS_LDAP_MAPPED_ATTRIBUTE=userid
    ARS_LDAP_ALLOW_ANONYMOUS=TRUE
-   ARS_LDAP_BIND_MESSAGES_FILE=/var/log/IBM_CMOD_LDAP_messages.log
+   ARS_LDAP_BIND_MESSAGES_FILE=/opt/IBM/ondemand/V9.5/config/arsldap.ini
+  ####################################################
+  # LDAP SYNC Parameters (requires CMOD v10.1.0.2+)  #
+  ####################################################
+  ARS_LDAP_SERVER_TYPE=OPEN
+  ARS_LDAP_USER_FILTER=(ObjectClass=USER)
+  ARS_LDAP_GROUP_FILTER=(ObjectClass=GROUP)
+  ARS_LDAP_GROUP_MAPPED_ATTRIBUTE=GROUPID
    ARS_LDAP_IGN_USERIDS=ADMIN,ARSLOAD,ARSMAINT
-   ARS_LDAP_BIND_MESSAGES_FILE=/opt/IBM/ondemand/V9.5/config/arsldap.ini
+   ARS_LDAP_IGN_GROUPS=ADMINS,IT_SUPPORT,HELPDESK
 |}
@@ Line 312: / Line 321: @@
 : Set to TRUE if your LDAP server allows access without authentication.
 : Set to FALSE if your LDAP server requires a Distinguishing Name ("ARS_LDAP_BIND_DN") and password ("ARS_LDAP_BIND_DN_PWD").
+;ARS_LDAP_BIND_MESSAGES_FILE
+: Set this parameter to the file that contains human-friendly error messages for return codes from the LDAP server in case of failure.
+: See the IBM CMOD Knowledge Centre for more information about [https://www.ibm.com/support/knowledgecenter/SSEPCD_10.1.0/com.ibm.ondemand.installmp.doc/dodlx010.htm ARSLDAP.INI]
+: Only the PASSWORD_EXPIRED and ACCOUNT_LOCKED return codes from LDAP are currently supported in Content Manager OnDemand v10.1.
 === LDAP Sync Parameters ===