Required. The name to identify the external directory service. My webMethods Server uses this name to display the external directory service in the user interface.

A descriptive comment about the external directory service.

One or more keywords to use when searching for external directory services.

Required. The number of database queries to cache. The default is 1000.

My webMethods Server deletes the cache entries when the number of cached queries reaches the specified capacity, starting from the oldest entries.

Required. The period of time for which queries remain in the cache unless the cache capacity is exceeded. The default is 1 hour.

My webMethods Server deletes cache entries when the cache timeout expires, even if the specified cache capacity is not reached.

Enables or disables the directory service. The default is Yes. This service is enabled.

Required. The maximum number of connection errors to occur before disabling the service. The default is 10.

Attempt to reconnect to the directory server if the service is disabled after reaching the connection error threshold or if the connection to the server is lost due to a network outage or planned maintenance. Enabled by default.

The period of time (in seconds) to wait between subsequent attempts to reconnect. The default is 6.

Required. The URL for the external directory server using the following syntax:

Required. The root distinguished name to use when querying the directory server. For example, ou=mywebMethods,o=webmethods.com

The additional user DN to use when searching and loading users.

The additional group DN to use when searching and loading users.

Whether to use Kerberos authentication when connecting to the LDAP service. The default is No. Do not use Kerberos. For more information about using directory services with Kerberos, see Configure Kerberos Authentication for Directory Services.

Whether to use Kerberos credentials cache while the user session lasts. Available only when the LDAP service is configured to use Kerberos Authentication. The default is No. Do not use ticket cache.For more information about configuring Kerberos ticket cache for directory services, see Configure Kerberos Authentication for Directory Services.

Required when not using Kerberos Ticket Cache. The distinguished name required to log in to the external directory server.

Required when not using Kerberos Ticket Cache. The password required to log in to the external directory server.

The URL to another LDAP server that My webMethods Server uses for failover if the primary LDAP server, specified in the Provider URL field, fails. Separate multiple values with spaces.

Required. The maximum amount of time (in seconds) that an LDAP search query can run before it expires. The default is 0 - the query does not expire.

Unless you configure the connection timeout in the custom_wrapper.conf file, My webMethods Server uses the Search Timeout to define the timeout of a connection to an LDAP server. For more information about configuring an LDAP server connection timeout, see Administering My webMethods Server Configuring a Connection Timeout for an LDAP Directory Service.

Required. Enables or disables the use of wildcard characters in directory searches. The default is Yes. Enable default wildcard searches.

Disabling wildcard searches might improve performance for large servers. When using wildcards, servers do not use any internal indexes for search performance.

Required. Indicates whether to query for group membership across all external directory services, configured in My webMethods Server. When you enable this option, the search queries for group membership across all directory services, which degrades the login performance. The default is No. Group Across Directory Service.

For more information, see Administering My webMethods Server Group Membership Across Directory Services.

Required for Active Directory. Indicates whether to determine the group membership of an Active Directory user with one query instead of a recursive search. When you enable this option, the search uses one query, which improves the login performance.. Users must belong either to an Active Directory security group, or a regular group. The default is Disabled.

Applies only to Active Directory. Specify multiple Active Directory sub-domain URLs, separated by spaces.

The LDAP filter that My webMethods Server applies to all queries when searching for users. Use a technical LDAP query that limits the type of objects, exposed in My webMethods Server.

The LDAP filter that My webMethods Server applies to all queries when searching for groups. Use a technical LDAP query that limits the type of objects, exposed in My webMethods Server.

Enables or disables searches in nested LDAP groups. The default value is No. Do not use nested groups.

Enables or disables the use of the Virtual List View control to retrieve a subset of objects for an LDAP query. The default value is No. Do not use the VLV control. Applies only when the automatic configuration of LDAP server controls is disabled.

Enables or disables the use of the Server-Side Paging control to page the results of an LDAP query. The default value is No. Do not use the Paging control. Applies only when the automatic configuration of LDAP server controls is disabled.

Enables or disables the use of the Server-Side Sorting control to sort the results of an LDAP query in a particular order. The default value is No. Do not use the Soting control. Applies only when the automatic configuration of LDAP server controls is disabled.

Enables or disables the automatic configuration of LDAP server controls by My webMethods Server. The default value is Yes. Autoconfigure the controls.

Required. The User Object Class attribute for the external directory service. The default is person.

Required. The User ID attribute for the external directory service. The default is uid.

Required. The First Name attribute for the external directory service. The default is sn.

Required. The Last Name attribute for the external directory service. The default is givenName.

Required. The Full Name attribute for the external directory service. The default is cn.

Required. The Email Address attribute for the external directory service. The default is mail.

Required. The Password attribute for the external directory service.

The name of an attribute in the external directory service that identifies a user as disabled. The default is true.

The regular expression to use when evaluating the User Disabled attribute for the external directory service.

The name of the attribute to use as a universally unique identification attribute of a user. Specify a string of maximum 128 characters, for example cn or email.

For more information, see Administering My webMethods Server Configuring Universally Unique Identifier (UUID) for Users.

Required. The Group Object Class attribute for the external directory service. The default is groupofuniquenames.

Required. The Group ID attribute for the external directory service. The default is cn.

Required. The Group Name attribute for the external directory service. The default is cn.

Required. The Group Members attribute for the external directory service. The default is uniquemember.

Required. The Group Email attribute for the external directory service. The default is mail.

The minimum number of connections to the external directory server to keep open at all times. The default is 1.

The maximum number of connections to the external directory server to keep open at all times. The default is 20.

The maximum amount of time to keep a connection to the external directory server open, before recycling the connection. The server resets this value for each LDAP search to ensure that an LDAP connection remains open during the search process. The default is 10 minutes.

The time interval for cleaning up expired LDAP connections. The default is 1 minute.