Configuring LDAP with Sun Java System Directory Server
By default, the Sun Java System Directory Server allows anonymous users to browse the directory. However, only authenticated users are able to see whether a user account is disabled. To use custom validation filters, the Authentication Service must be configured with LDAP credentials.
The BMC Server Automation Authentication Server uses the LDAPv3 StartTLS protocol extension to provide the endpoint authentication, data confidentiality, and integrity. Sun Directory Server does not, by default, enable StartTLS when installed on Microsoft Windows. You must enable StartTLS by setting
An account is considered disabled when the
nsAccountLock attribute is set to
true. Use the following user validation filter to prevent users with disabled accounts from refreshing their session credentials: