installutil setldapsearch

Use the setldapsearch subcommand to specify the LDAP search criteria to use to find an LDAP user account to authenticate against.

Synopsis

installutil setldapsearch dbset_name cq_login cq_password [ -site site | -domain domain ] "params"
installutil setldapsearch dbset_name cq_login cq_password [ {-allsites | -site site } | {-alldomains | -domain domain } ] -remove

Description

Use the installutil setldapsearch subcommand to specify the LDAP search criteria to use to find an LDAP user account to authenticate against. This subcommand uses the user name that a user enters in the HCL Compass login window. It is run once per domain, site, or both, if applicable.

Options and Arguments

-site site
Specifies that the parameter settings apply only to the site that you specify. If you do not specify -site site, the parameter settings apply to all sites.
-site site -remove
-allsites -remove
Removes the existing settings for the specified subcommand. You must specify -site or -allsites with -remove. Use -site to remove the settings at one specific site. Use -allsites to remove the settings at all sites.
-domain domain
HCL Compass supports environments where multiple LDAP configurations can be used to authenticate. Use this option to specify that the parameter settings apply only to the indicated domain. If you do not specify this option, the parameter settings apply to all domains.
-domain domain -remove
-alldomains -remove
Removes the existing settings for the specified subcommand. You must specify -domain or -alldomains with -remove. Use -domain to remove the settings at one specific domain. Use -alldomains to remove the settings at all domains.
params
A string that consists of a subset of the arguments available for use with the IBM® Tivoli® Directory Server Client ldapsearch function. This string is not required when you specify -remove. Within the ldapsearch string you must include the %login% parameter, which resolves to the login name that the user enters. For more information about the ldapsearch syntax, see IBM Tivoli Directory Administration Guide, which is available in the HCL Publications Center at http://www.ibm.com/shop/publications/order.

Arguments for ldapsearch function

-b searchbase
Identifies a distinguished name (DN) to use as the starting point for the search. This option is required and must be specified with the -s scope option, which defines the scope of the search. If this argument contains any special character, such as a space, backward slash, or double quotes, you must enclose the argument in single quotes.
filter
A string representation of the filter to apply in the search. Simple filters can be specified as attributetype = attributevalue. For information about specifying more complex filters, see IBM Tivoli Directory Administration Guide. If this argument contains any special character, such as a space, backward slash, or double quotes, you must enclose the argument in single quotes.
attr
The attribute that you want the search to return. This is the attribute whose value matches the user's LDAP login name.
-s scope
Specifies the scope of the search. Acceptable values:
  • base: base object
  • one: one level
  • sub: subtree
The default is sub.

Examples

In the following example, the installutil setldapsearch subcommand specifies the search string to be used to search the LDAP directory for the user record that corresponds to the user's login name. The o (organization) and ou (organizational unit) indicate which DN to use as the starting point for the search. The exact attributes required are specific to the LDAP schema and might be different from the o and ou shown here. The search string looks for a user record whose mail attribute contains the same value as the user's login name.
installutil setldapsearch ldapreferr admin "" -domain Domain1 "-s sub -b ou=bluepages,o=hcl.com mail=%login%"
The following example shows how to use a filter to narrow the search. Microsoft™ Active Directory allows LDAP administrators to mark user accounts as disabled. The following example uses a filter to exclude disabled user accounts from the search.
installutil setldapsearch dbset1 bob_admin bob_pw -Domain domain1 "-s sub -b ou=my_org, dc=ldapmsft,dc=com '(&(objectCategory=person)(group=something with spaces)(sAMAccountName=%login%)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'"
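A pre-flight check for the params string, added here as an example and not part of the HCL documentation or tooling: it applies the rules stated above (-b together with -s, the three scope values, %login% in the filter, single quotes around arguments that contain spaces). The function name lint_params, the example.com DNs, and the use of Python's shlex to approximate how installutil handles single quotes are assumptions.

```python
import shlex

VALID_SCOPES = {"base", "one", "sub"}  # scope values listed on this page

def lint_params(params):
    """Return a list of problems in a setldapsearch params string (empty if none)."""
    try:
        # Assumption: single quotes are handled the way a POSIX shell handles them.
        tokens = shlex.split(params)
    except ValueError as exc:
        return [f"unbalanced quoting: {exc}"]
    problems, opts, positional = [], {}, []
    it = iter(tokens)
    for tok in it:
        if tok in ("-b", "-s"):
            opts[tok] = next(it, None)  # None when the option has no value
        else:
            positional.append(tok)  # this page lists a filter, then an attr
    base, scope = opts.get("-b"), opts.get("-s")
    if base is None:
        problems.append("missing -b searchbase")
    elif base.endswith(","):
        problems.append("searchbase cut at an unquoted space; single-quote the DN")
    if scope is None:
        problems.append("missing -s scope")
    elif scope not in VALID_SCOPES:
        problems.append(f"invalid scope {scope!r}")
    if not positional:
        problems.append("missing filter")
    else:
        flt = positional[0]
        if "%login%" not in flt:
            problems.append("filter does not contain %login%")
        if flt.count("(") != flt.count(")"):
            problems.append("unbalanced parentheses in filter")
    if len(positional) > 2:
        problems.append("unexpected extra tokens; quote arguments containing spaces")
    return problems

if __name__ == "__main__":
    # Constructed samples; the example.com DNs are placeholders, not from the page.
    for sample in (
        "-s sub -b 'ou=my org,dc=example,dc=com' '(&(objectCategory=person)(sAMAccountName=%login%))'",
        "-s sub -b ou=my_org, dc=example,dc=com (sAMAccountName=%login%)",
        "-s subtree -b o=example.com uid=admin",
    ):
        print(sample, "->", lint_params(sample) or "OK")
```

A filter that omits %login% returns the same directory entry whatever login name is entered, so that finding deserves attention before the string is stored with setldapsearch.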

See also

installutil