Application server security - properties for user and group management

After you enable application server security, you can configure the properties for group and user management to define whether the directory owns group creation, or user creation and management.

By default, the mxe.LDAPGroupMgmt property is set to 1. This setting indicates that the directory owns group creation and group management. When you change the value to 0, the system owns group creation and group management. This setting enables the following functions:

By default, the mxe.LDAPUserMgmt property is set to 1. This setting indicates that the directory owns user creation and user management. When you change the value to 0, the system owns user creation and management. This setting enables the system to use Lightweight Directory Access Protocol (LDAP) for user authentication without having to synchronize user information. The following table lists the functions that are enabled and disabled with the 0 setting.
Table 1. Enabled and disabled functions when the system owns user creation and user management
Function Enabled
Add and delete security groups No
Change security groups Yes
Manage user and group relationships No
Add and delete users Yes
Change users (other than password) Yes
User self-registration No
Change password No

The user ID records that are created in the directory and in the system must be identical for this setting to function correctly.



Feedback