The MLDAP ESM Module

The MLDAP ESM module lets you use an LDAP server as an external security manager. It is relatively full-featured and has a number of configuration options. By default, it implements ES security using LDAP object classes defined by Micro Focus; these objects are used only by ES, and not integrated with security for the OS or other applications.

However, the MLDAP ESM module can be configured to use other LDAP object classes (and containers, so it does not require the default directory hierarchy). By itself, this is not sufficient to completely integrate with Windows security, because the MLDAP ESM module cannot use Microsoft user password attributes; so if you used just the MLDAP ESM with Microsoft user classes, users would have separate passwords for Windows and MSS. In conjunction with the OS ESM, however, the MLDAP ESM will ignore the user password attribute (and other attributes used only for user signon) defined by Micro Focus, if the OS ESM has already verified the user using Windows.