cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Visit the PTCooler (the community lounge) to get to know your fellow community members and check out some of Dale's Friday Humor posts! X

How to configure access over Microsoft Global Catalogs(multiple top domains) in RVS(integrity)

0 Kudos

How to configure access over Microsoft Global Catalogs(multiple top domains) in RVS(integrity)

Status: New Idea Submitted by 3-Visitor on ‎Sep 27, 2021 11:46 PM
2 Comments (2 New)

How to set up authentification over multiple LDAP domains in Integrity Lifecycle Manager when using the Global Catelog option.

 

This will not work with domains across multiple forests or top level domains(in a same Global Catalogs)

#When using the Global Catelog option, the server you connect to must serve both domains.

#but, there are multiple LDAP host connections. (Since no referrals would be thrown)

 

ldap.principal=cn\=alm,ou\=SysAdmin,dc\=Gery,dc\=com

ldap.credential=**********

 

 

#When searching for Users, we need to specify all locations to look.

#This includes both domains.

ldap.host.1=Gery.com 

ldap.port.1=3268

ldap.host.2=uGery.com 

ldap.port.2=3268

ldap.user.dn.1=dc\=Gery,dc\=com

ldap.user.dn.2=dc\=uGery,dc\=com

 

#Same for groups

ldap.group.dn.1=dc\=Gery,dc\=com

ldap.group.dn.2=dc\=uGery,dc\=com

 

//These settings will apply to all DNs.

ldap.user.scope=subtree

 

See more ideas labeled with:
2 Comments
FH_9089421
3-Visitor
3-Visitor
‎Sep 28, 2021 12:00 AM
‎Sep 28, 2021 12:00 AM

Microsoft Global Catalogs used sid as an unique key in the different top level forest domains, we need Integrity RV&S support Global Catalogs option.

FH_9089421
3-Visitor
3-Visitor
‎Sep 28, 2021 11:23 PM
‎Sep 28, 2021 11:23 PM

global catalog  decode sid

/**
* The binary data is in the form:
* byte[0] - revision level
* byte[1] - count of sub-authorities
* byte[2-7] - 48 bit authority (big-endian)
* and then count x 32 bit sub authorities (little-endian)
*
* The String value is: S-Revision-Authority-SubAuthority[n]...
*
* Based on code from here - http://forums.oracle.com/forums/thread.jspa?threadID=1155740&tstart=0
*/