Creating an LDAP Server Configuration Object

Create an LDAP server configuration object to enable LDAP user authentication.

Prerequisites
| Database Version | LDAP Server Configuration Object Privileges |
| --- | --- |
| SAP Sybase IQ 15.3 and 15.4 | Not supported. |
| SAP Sybase IQ 16.0 | You must have the MANAGE ANY LDAP SERVER system privilege. |
Task
Parameters defined during the creation of an LDAP server configuration object are stored in the ISYSLDAPSERVER (system view SYSLDAPSERVER) system table.
  1. In the Perspective Resources view, select the resource, and select Resource > Administration Console.
  2. In the left pane, expand IQ Servers > Security, and then select LDAP Servers.
  3. Click the arrow next to LDAP Servers and select New.
    The Create LDAP Server Wizard appears.
  4. On the Welcome page, specify:
    | Option | Description |
    | --- | --- |
    | Select a resource for which the LDAP server will be created | From the list, select the resource for which the LDAP server configuration object will be created. |
    | What do you want to name the new LDAP server? | Enter a unique name for the new LDAP server configuration object; maximum of 128 characters. |
    | Validate LDAP server properties but do not create LDAP server | (Optional) Select to validate the properties defined for the new LDAP server configuration object without actually creating it. |
    | Activate LDAP server after creation | (Optional) Select to activate the new LDAP server configuration object after creation. |
    Note: The Validate LDAP server properties but do not create LDAP server and Activate LDAP server after creation options are mutually exclusive. When one is selected, the other becomes unavailable.
  5. Click Next.
  6. On the Search DN page, specify:
    | Option | Description |
    | --- | --- |
    | Search URL | Specify the host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID. For example: ldap://my_LDAPserver:389/dc=MyCompany,dc=com??sub?cn=* |
    | Access Account | Enter the distinguished name for a user used to connect to the LDAP server configuration object. For example: cn=iqadmin, cn=Users, dc=mycompany, dc=com |
    | Password | Enter the password for the Access account. |
    | Encrypted | Select if the Access account password is provided in encrypted format. |
  7. Click Next.
  8. On the Attributes page, specify:
    | Option | Description |
    | --- | --- |
    | Authentication URL | Specify the host (by name or by IP address), port number, and search to be performed to look up the DN for a given user ID, or enter NULL. |
    | Connection timeout | Specify the length of time after which the system stops trying to connect to the LDAP server configuration object. Value can be entered in milliseconds, seconds, or minutes. Valid range is between 1-3600000 milliseconds (3600 seconds or 60 minutes). Default value is 10000 milliseconds. |
    | Connection retries | Specify the maximum number of connection retries. Valid range is 1-60. Default value is 3. |
    | Use TLS protocol on LDAP connections | Select to enable TLS protocol on LDAP connections. |
    Note: This option is unavailable if the Search URL or Authentication URL value uses ldaps://...
  9. Click Next.
  10. (Optional) On the Comment page, specify a comment for the LDAP server configuration object.
    Note: This option is unavailable when the option Validate LDAP server properties but do not create LDAP server is selected.
  11. Click Finish.
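
The URL format and limits from the steps above, written as a pre-flight check to run on the values before entering them in the wizard. This is an added example, not part of the original documentation or of Sybase Control Center; the function names, dictionary keys, and the cleartext warning (which assumes the access account performs a simple bind) are assumptions made for illustration.

```python
from urllib.parse import urlsplit, unquote

# Search URL example taken from the Search DN step on this page.
SEARCH_URL = "ldap://my_LDAPserver:389/dc=MyCompany,dc=com??sub?cn=*"

def parse_ldap_url(url):
    """Split an LDAP URL of the form scheme://host:port/base?attrs?scope?filter."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    # urlsplit keeps everything after the first '?' in .query; LDAP URLs use
    # further '?' characters to separate attributes, scope and filter.
    attrs, scope, flt = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "scheme": parts.scheme,
        "host": parts.hostname,  # urlsplit lower-cases the host name
        "port": parts.port or (636 if parts.scheme == "ldaps" else 389),
        "base_dn": unquote(parts.path.lstrip("/")),
        "attributes": [a for a in attrs.split(",") if a],
        "scope": scope or "base",  # RFC 4516 default when the field is empty
        "filter": unquote(flt),
    }

def check_ldap_server_config(name, search_url, auth_url=None, timeout_ms=10000,
                             retries=3, use_tls=False, validate_only=False,
                             activate=False):
    """Return a list of problems, checked against the limits this page states."""
    problems = []
    if not name or len(name) > 128:
        problems.append("name must be 1-128 characters")
    if validate_only and activate:
        problems.append("validate-only and activate are mutually exclusive")
    if not 1 <= timeout_ms <= 3600000:
        problems.append("connection timeout must be 1-3600000 ms")
    if not 1 <= retries <= 60:
        problems.append("connection retries must be 1-60")
    # auth_url=None stands for entering NULL as the Authentication URL.
    urls = [parse_ldap_url(u) for u in (search_url, auth_url) if u]
    if use_tls and any(u["scheme"] == "ldaps" for u in urls):
        problems.append("TLS option is unavailable with ldaps:// URLs")
    # Assumption: a simple bind is used, so without TLS the access account
    # password is not encrypted on the wire.
    if not use_tls and any(u["scheme"] == "ldap" for u in urls):
        problems.append("warning: ldap:// without TLS exposes bind credentials")
    return problems

if __name__ == "__main__":
    print(parse_ldap_url(SEARCH_URL))
    print(check_ldap_server_config("ldap1", SEARCH_URL, use_tls=True))
```

The empty field between the two consecutive question marks in the sample Search URL is the attribute list, which is why the parsed result has no attributes, a scope of sub, and cn=* as the filter.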