ldap.properties

This section describes the architecture of the ldap.properties file.

This is only used if COMMON.PROPERTIES authentication LDAPconfig is 1

ldap.connectionName =
Modifiable Field ldap.connectionName
Field Description The username used to authenticate to a read-only LDAP connection. If left blank, an anonymous connection is attempted
Possible Values User defined for example, administrator@example.com
Value Definition User defined
ldap.connectionPassword =
Modifiable Field ldap.connectionPassword
Field Description The password used to establish a read-only LDAP connection. The password can be entered here in plain text or it can be encrypted.
Possible Values User defined
Value Definition User defined
ldap.connectionURL =
Modifiable Field ldap.connectionURL
Field Description URL of the LDAP server
Possible Values User defined for example:ldap://ldap.server.com
Value Definition
ldap.security_authentication=
Modifiable Field ldap.security_authentication
Field Description Specifies the security level to use. If this property is unspecified, the behavior is determined by the service provider.
Possible Values none, simple, strong
Value Definition String
ldap.groupName=
Modifiable Field ldap.groupName
Field Description LDAP group name
Possible Values User Defined for example:ldapGroup
Value Definition
ldap.groupNameTrim= 
Modifiable Field ldap.groupNameTrim
Field Description Specifies whether the group name must be trimmed .
Possible Values True or False
Value Definition
ldap.groupDescription=
Modifiable Field ldap.groupDescription
Field Description Field for group description
Possible Values User defined for example : description
Value Definition
ldap.groupMembers= 
Modifiable Field ldap.groupMembers
Field Description Specifies user membership within a group
Possible Values User Defined
Value Definition
ldap.groupBase= 
Modifiable Field ldap.groupBase
Field Description Defines the starting location for the search of the LDAP groups. The Distinguished Name (DN) specified will indicate the location in the directory structure in which all groups are contained.
Possible Values User Defined

ldap.groupBase=OU=Groups,OU=MyLocation,

DC=MyCompany,DC=com

Value Definition
ldap.groupSearch= 
Modifiable Field ldap.groupSearch
Field Description Defines the LDAP query that is used to import AD groups to BigFix® Remote Control. The defined query needs to filter the results such that only those groups that are needed are imported to BigFix® Remote Control.
Possible Values User Defined for example : ldap.groupSearch=(objectClass=group) = Imports all AD groups to BigFix® Remote Control. Be aware some environment can have thousands of groups.
Value Definition
ldap.groupSubtree= 
Modifiable Field ldap.groupSubtree
Field Description If set to true, BigFix® Remote Control will search recursively through the subtree of the element specified in the ldap.groupBase parameter for groups associated with a user. If left unspecified, the default value of false causes only the top level to be searched (a nonrecursive search).
Possible Values True or False
Value Definition
ldap.userPassword = 
Modifiable Field ldap.userPassword
Field Description Password field
Possible Values User Defined
Value Definition
ldap.userEmail= 
Modifiable Field ldap.userEmail
Field Description LDAP field for Email
Possible Values User Defined for example: userPrincipalName
Value Definition
ldap.userid= 
Modifiable Field ldap.userid
Field Description LDAP field for userid
Possible Values User Defined
Value Definition

If the following parameters are defined they is mapped into the local database

ldap.forename= 
Modifiable Field ldap.forename
Field Description LDAP field for forename
Possible Values User Defined
Value Definition User defined string
ldap.surname= 
Modifiable Field ldap.surname
Field Description LDAP field for surname
Possible Values User defined
Value Definition User defined string
ldap.title= 
Modifiable Field ldap.title
Field Description LDAP field for title
Possible Values User Defined
Value Definition User defined string
ldap.initials= 
Modifiable Field ldap.initials
Field Description LDAP field for initials
Possible Values User Defined
Value Definition User defined string
ldap.company= 
Modifiable Field ldap.company
Field Description LDAP field for company
Possible Values User Defined
Value Definition User defined string
ldap.department= 
Modifiable Field ldap.department
Field Description LDAP field for department
Possible Values User Defined
Value Definition User Defined string
ldap.telephone= 
Modifiable Field ldap.telephone
Field Description LDAP field for telephone
Possible Values User defined
Value Definition User defined string
ldap.mobile= 
Modifiable Field ldap.mobile
Field Description LDAP field for userid
Possible Values User defined
Value Definition User defined
ldap.state= 
Modifiable Field ldap.state
Field Description LDAP field for state
Possible Values User defined
Value Definition User defined string
ldap.country= 
Modifiable Field ldap.country
Field Description LDAP field for country
Possible Values User defined
Value Definition User defined string
ldap.userBase=
Modifiable Field ldap.userBase
Field Description the base of the sub tree containing users. If not specified, the search base is the top-level context.
Possible Values User Defined
for example
ldap.userBase=OU=Users,OU=MyLocation,DC=MyCompany,DC=com
Value Definition
ldap.userSearch= 
Modifiable Field ldap.userSearch
Field Description Pattern to use for searches
Possible Values for example (userPrincipalName={0}@ActDirTest.SDC.COM)
Value Definition All users who match the search criteria are imported into the BigFix® Remote Control database. To limit this further you can use the ldap.userInGroup parameter.
ldap.userSubtree =
Modifiable Field ldap.userSubtree
Field Description Search up the subtree
Possible Values True or False
Value Definition True for search the subtree, False do not search
ldap.userInGroup =
Modifiable Field ldap.userInGroup
Field Description Determines whether a user who matches the user search criteria also has to be a member of the groups found in the group search.
Possible Values True or False
Value Definition
True
only users who match the user search criteria and are members of the groups found in the group search are imported.
False
all users who match the user search criteria regardless of their group membership are imported.
Note: Users are imported into the DefaultGroup as well as any other groups that they belong to.