Viewing or Modifying LDAP Server Configuration Object Properties

View or change properties to an LDAP server configuration object. Any changes to an LDAP server configuration object are applied on subsequent connections. Any connection already started when the change is applied do not reflect the change.

Prerequisites

Database Version	LDAP Server Configuration Object Privileges
SAP Sybase IQ 15.3 and 15.4	Not supported.
SAP Sybase IQ 16.0	View any LDAP server property page – None Required. Modify any LDAP server property – Requires MANAGE ANY LDAP SERVER system privilege.

Database Version

LDAP Server Configuration Object Privileges

SAP Sybase IQ 15.3 and 15.4

Not supported.

SAP Sybase IQ 16.0

View any LDAP server property page – None Required.

Modify any LDAP server property – Requires MANAGE ANY LDAP SERVER system privilege.

The SAP Sybase IQ resource is authenticated and running.
You are licensed for the Advanced Security option (IQ_SECURITY).

Task

In the Perspective Resources view, select the resource and select Resource > Administration Console.
In the left pane, select IQ Servers > Security > LDAP Servers.
Select an LDAP server from the right pane and either:
- Click the arrow to the right of the name and select Properties, or
- From the Administration Console menu bar, select Resource > Properties.
The LDAP Server Properties view appears.

View or edit the properties.

When modifying properties, clicking Apply before changing screens is not necessary, but will save any changes.
If you do not have privileges to modify properties, Sybase Control Center displays the properties view in read-only mode.

Area	Description
General Read-only	Name—Name of the LDAP server configuration object. State—Current state of the LDAP server configuration object. Valid states include: RESET – Indicates that one or more attributes on the LDAP server configuration object have been entered or modified since last activation. READY – Indicates that the LDAP server configuration object is ready to accept connections. ACTIVE – Indicates that the LDAP server configuration object has performed at least one successful LDAP user authentication. FAILED – Indicates that there is a problem connecting to the LDAP server configuration object. SUSPENDED – Indicates that the LDAP server configuration object is in maintenance mode, and is not available for LDAP user authentication. Last state change—Date and time the LDAP server configuration object state last changed.
Attributes	Search URL—The host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID. For example: ldap://my_LDAPserver:389/dc=MyCompany,dc=com??sub?cn=* Authentication URL—The host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID, or enter NULL. Access account—The distinguished name for a user used to connect to the LDAP server configuration object. For example: cn=iqadmin, cn=Users, dc=mycompany, dc=com Password—The password for the Access account. Encrypted—Indicates that the password is provided in encrypted format. Connection timeout—The length of time after which the system stops trying to connect to the LDAP server configuration object. Value can be entered in milliseconds, seconds, or minutes. Valid range is between 1-3600000 milliseconds (3600 seconds or 60 minutes). Default value is 10000 milliseconds. Connection retries—The maximum number of connection retries. Valid range is 1-60. Default value is 3. Use TLS protocol on LDAP connections—Enables the TLS protocol on LDAP connections. Note: This option is unavailable if the SEACH URL value specifies ldps://...
Comment	Comment—A text field for adding an optional comment about the LDAP server configuration object.

Area

Description

General

Read-only

Name—Name of the LDAP server configuration object.

State—Current state of the LDAP server configuration object. Valid states include:

RESET – Indicates that one or more attributes on the LDAP server configuration object have been entered or modified since last activation.
READY – Indicates that the LDAP server configuration object is ready to accept connections.
ACTIVE – Indicates that the LDAP server configuration object has performed at least one successful LDAP user authentication.
FAILED – Indicates that there is a problem connecting to the LDAP server configuration object.
SUSPENDED – Indicates that the LDAP server configuration object is in maintenance mode, and is not available for LDAP user authentication.

Last state change—Date and time the LDAP server configuration object state last changed.

Attributes

Search URL—The host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID. For example: ldap://my_LDAPserver:389/dc=MyCompany,dc=com??sub?cn=*

Authentication URL—The host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID, or enter NULL.

Access account—The distinguished name for a user used to connect to the LDAP server configuration object. For example: cn=iqadmin, cn=Users, dc=mycompany, dc=com

Password—The password for the Access account.

Encrypted—Indicates that the password is provided in encrypted format.

Connection timeout—The length of time after which the system stops trying to connect to the LDAP server configuration object. Value can be entered in milliseconds, seconds, or minutes. Valid range is between 1-3600000 milliseconds (3600 seconds or 60 minutes). Default value is 10000 milliseconds.

Connection retries—The maximum number of connection retries. Valid range is 1-60. Default value is 3.

Use TLS protocol on LDAP connections—Enables the TLS protocol on LDAP connections.

Note: This option is unavailable if the SEACH URL value specifies ldps://...

Comment

Comment—A text field for adding an optional comment about the LDAP server configuration object.

Click OK.