Management & Control Services Help Management & Control Services Help

Properties of LDAPv3 Directory Page

Management & Control Services (MCS) supports LDAP version 3 on specific directories to provide its user and group list. LDAP is supported for a limited number of LDAP-enabled directory service products — for this release, support is provided for Active Directory for Windows 2000, Netscape Directory 4.0, Novell NetWare 5.0 (LDAP Service for NDS), IBM OS/390 LDAP Server (via RACF), and IBM SecureWay Directory Server 3.2.2.

Note When you configure the LDAP server, you can leave the Password field blank if the server allows it. However, users of MCS-compatible products that are authenticated through MCS cannot use a blank password.

The following sections outline requirements for some specific LDAP directory server types.

Requirements for Active Directory

Requirements for Netscape Directory

Requirements for Novell NDS

Requirements for IBM OS/390 (RACF)

Server settings

Directory view: Provides a view of the directory list of the selected directory server.

Browse recipients from: Use a subdirectory of the directory service for the MCS list of users and groups. The field is updated based on which directory is selected in the View list.

Note If you select the Active Directory schema, note that Active Directory computer accounts cannot be used for assigning MCS permissions.

If you select the RACF/OS 390 schema, it is recommended that you do not select the User or Group subdirectory, as this will limit you to assigning permissions only to the selected type; instead, you should select the sysplex-level directory. If you select "profiletype=User", for example, you will not be able to assign permissions to groups.

Related Topics
Bullet Configuring the Directory Service
Bullet Overview of Security