Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Command Center for Security 6.2.

LDAP LDIF list file

The main purpose and intent of LDAP interface software discussed to this point (including the configuration items of Section 3) is to create an LDAP Data Interchange Format (LDIF) file on the BMC Defender system.

The LDIF file is a standards-based text file that consists of multiple attribute/value pairs, where the first token of the file represents an LDAP attribute, and the remainder of the line represents the attribute's value. The file can be very large, depending upon the number of managed users. A file of over 100 Mbytes or more is quite typical.

Actual attributes associated with LDAP can vary according to different LDAP schemas associated with platforms and organizations. 

Example

Logon user names represented as either sAMAccountName attributes or UserPrincipleName on Windows systems, and also represent as Uid values on UNIX systems. This makes the actual understanding of the LDAP and LDIF file somewhat difficult to users that are unfamiliar with the organization's conventions.

Fortunately, an abundance of information exists regarding LDAP attributes and their properties via web searches, and readers can often surmise the range of values for a particular LDAP attribute by simple inspection.

The LDIF file is synchronized to the information found in the net-user directory and is used in a variety of ways. In particular, the LDAP Interface Toolkit modifies the User Info screen so that the operator can drill down to a monitored user and view the LDAP information for that user. Other applications of the LDAP LDIF file (as discussed in some sections) are also possible.

Related topic

Using-BMC-Defender-LDAP-Tool-Kit

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*