Preparing the LDAP server for use with HCL Commerce

The steps on this page describe how to prepare an LDAP server to use with HCL Commerce.

Before you begin

Ensure that HCL Commerce has write access on the LDAP server. Read-only access is not supported.

Determine the DN of the Root organization and the Default organization. These fundamental organizations are part of the HCL Commerce membership system. Root Organization is at the top of the membership hierarchy, and all other organizations are descendants of it. Default Organization is directly under Root Organization, and is the parent of guest and B2C users. Do not create B2B users under the Default Organization. Create B2B users under their respective buyer and seller organizations.

If a user is manually created in the LDAP server and then the user logs on to HCL Commerce, or performs single sign-on to HCL Commerce, the user is automatically replicated into the HCL Commerce database, however the password remains only on the LDAP server. When the user is created in the HCL Commerce database, the user profile type is determined by the parent organization:
  • Parent organization of the user is Default Organization - profile type 'C' (B2C user)
  • Parent organization of the user is not Default Organization - profile type 'B' (B2B user)
'B' (B2B) type users are managed from the Organization Administration Console while 'C' (B2C) type users are managed from HCL Commerce Accelerator.
Note: The relationship of the user to its parent organizations is defined in the MBRREL table and mirrored in user DN.
HCL Commerce provides default DNs that you can customize:
Root Organization
Default DN: o=root organization

Example of customized DN: dc=domain,dc=ibm,dc=com

Default Organization
Default DN: o=default organization,o=root organization

Example of customized DN: cn=users,dc=domain,dc=ibm,dc=com