After you enable application server security, you can configure the properties for group and user management to define whether the directory owns group creation, or user creation and management.
By default, the mxe.LDAPGroupMgmt property is set to 1. This setting indicates that the directory owns group creation and group management. When you change the value to 0, the system owns group creation and group management. This setting enables the following functions:
Function | Enabled |
---|---|
Add and delete security groups | No |
Change security groups | Yes |
Manage user and group relationships | No |
Add and delete users | Yes |
Change users (other than password) | Yes |
User self-registration | No |
Change password | No |
The user ID records that are created in the directory and in the system must be identical for this setting to function correctly.