The default mldap_esm security manager settings are designed for the simple LDAP configuration using AD LDS and the Micro Focus user class. Before the mldap_esm security manager can update the information in an LDAP server, you need to set a number of configuration options.
[LDAP] base=DN-suffix user class=user class user container=user-container group container=group-container resource container=resource-container
|DN-suffix||The common part of the DN for your user container, MSS group container, and MSS resource rules container. For example, if your users are in CN=users,DC=somecorp,DC=com, and your MSS containers are in CN=MF,DC=somecorp,DC=com, you could set base to DC=somecorp,DC=com.|
|user class||The LDAP object class used for your users. The following options are available:
|user-container||The DN of the container for user objects, without the "base" suffix, for example: CN=users|
|group-container||The DN of the container for MSS user group objects, without the "base" suffix, for example: CN=Enterprise Server Groups,CN=MF|
|resource-container||The DN of the container for resource access class containers (which in turn hold resource access definition objects), without the "base" suffix, for example CN=Enterprise Server Resources,CN=MF|