1. System Administrator's Guide
  2. Setting Up Multiple Corporate Directories

13 Setting Up Multiple Corporate Directories

You can configure Convergence to use multiple corporate directories, or configure Convergence to use a directory server other than the user group directory server.

Adding a Corporate Directory

To add a corporate directory or to use the directory server other than the user group directory server, set the following configuration parameters:

  • ab.corpdir.[identifier].ldaphost

  • ab.corpdir.[identifier].ldapport

  • ab.corpdir.[identifier].ldapbinddn

  • ab.corpdir.[identifier].ldapbindcred

The following example has the configuration parameters settings:

iwcadmin -o ab.corpdir.[default].ldaphost -v host.example.com
iwcadmin -o ab.corpdir.[default].ldapport -v 400
iwcadmin -o ab.corpdir.[default].ldapbinddn -v "cn=Directory Manager"
iwcadmin -o ab.corpdir.[default].ldapbindcred -v xyzxyz

The corporate directory can be configured with multiple directory servers. In this example default is used to identify corporate directory configuration for host.example.com. For a single corporate directory configuration, you must use default as the identifier.

Configuring Multiple Corporate Directories

  1. To configure multiple corporate address books, set following parameters:

    ab.corpdir.[identifier].ldaphost
ab.corpdir.[identifier].ldapport
ab.corpdir.[identifier].ldapbinddn
ab.corpdir.[identifier].ldapbindcred
ab.corpdir.[identifier].urlmatch
ab.corpdir.[identifier].searchattr
ab.corpdir.[identifier].displayname

    Note:

    The value for the urlmatch configuration parameter must be unique.

    • To search from Root: ldap://corp-directory1

    • To search from dn ou=people,o=ab.org: ldap://somehost:390/ou=people,o=ab.org

    Format for urlmatch is ldap://unique_value or ldap://host:port/DN. For example: 

    -o ab.corpdir.[corpdir1].ldaphost -v budgie.india.example.com
-o ab.corpdir.[corpdir1].ldapport -v 389
-o ab.corpdir.[corpdir1].ldapbinddn -v "cn=Directory Manager"
-o ab.corpdir.[corpdir1].ldapbindcred -v netscape
-o ab.corpdir.[corpdir1].urlmatch -v ldap://corpdir1/ou=People,o=example.com,o=usergroup
-o ab.corpdir.[corpdir1].searchattr -v entry/displayname,@uid
-o ab.corpdir.[corpdir1].lookthrulimit -v 3000
-o ab.corpdir.[corpdir1].displayname -v "Second Corporate Book"

    Note:

    By default , ab.corpdir.[identifier].enableldapssl parameter is true. So ab.corpdir.[identifier].ldapport should be configured as ldaps port.

    When ab.corpdir.[identifier].ldapport is configured to use ldap port,ab.corpdir.[identifier].enableldapssl parameter should be set to false.

  2. Restart the Oracle WebLogic Server.

Note:

In some cases, the corporate directories might not display. The workaround is to set the urlmatch configuration parameter, beginning with the default URL match value (ldap://corpdirectory). For example, for an organization adding multiple address books from three different entities: CommerceDept, IntlTradeDiv, and DivofEmployment, the urlmatch is set to the following: 

ab.corpdir.[CommerceDept].urlmatch = ldap://corpdirectorycommerce \\
/ou=People,ou=CommerceDepartment,o=cat.example.gov,dc=divemp,dc=gov
ab.corpdir.[IntlTradeDiv].urlmatch = ldap://corpdirectoryitd  \\
/ou=People,ou=ITD,ou=CommerceDepartment,o=cat.example.gov,dc=divemp,dc=gov
ab.corpdir.[DivofEmployment].urlmatch = ldap://corpdirectorydivemp  \\
/ou=People,ou=DivofEmployment,ou=CommerceDept,o=cat.example.gov,dc=divemp,dc=gov

Even though the Corporate Directories are properly set up and work as designed, they may display errors in the iwc.log or the Firebug log.

Disabling Corporate Directory (Newly Added or Default)

To disable a corporate directory, set the ab.corpdir.[identifier].enable parameter to false.