friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahyrealms.htm

74 lines
4.4 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Realms and user templates</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahyrealms"></a>
<h2 id="rzahyrealms">Realms and user templates</h2>
<p>The realm and template objects found in the Web administration tool are
used in order to relieve the user of the need to understand some of the underlying
LDAP issues.</p>
<p>A realm identifies a collection of users and groups. It specifies information,
in a flat directory structure, such as where users are located and where groups
are located. A realm defines a location for users (for example, "cn=users,o=acme,c=us")
and creates users as immediate subordinates of that entry (for example John
Doe is created as "cn=John Doe,cn=users,o=acme,c=us"). You can define multiple
realms and give them familiar names (for example Web Users). The familiar
name can be used by the people that are creating and maintaining the users.</p>
<p>A template describes what a user looks like. It specifies the objectclasses
that are used when creating users (both the structural objectclass and any
auxiliary classes that you want). A template also specifies the layout of
the panels used to create or edit users (for example, names of tabs, default
values, and attributes to appear on each tab).</p>
<p>When you add a new realm, you are creating an ibm-realm object in the directory.
The ibm-realm object keeps track of the properties of the realm such as where
users and groups are defined, and what template to use. The ibm-realm object
can point to an existing directory entry that is the parent of users, or it
can point to itself (the default), making it the container for new users.
For example, you could have an existing cn=users,o=acme,c=us container, and
create a realm named <tt class="xph">users</tt> elsewhere in the directory
(maybe a container object called cn=realms,cn=admin stuff,o=acme,c=us) that
identifies cn=users,o=acme,c=us as the location for users and groups. This
creates an ibm-realm object:</p>
<pre class="xmp">dn: cn=users,cn=realms,cn=admin stuff,o=acme,c=us
objectclass: top
objectclass: ibm-realm
objectclass: ibm-staticGroup
ibm-realmUserTemplate: cn=users template,cn=realms,cn=admin stuff,o=acme,c=us
ibm-realmUserContainer: cn=users,o=acme,c=us
ibm-realmGroupContainer: cn=users,o=acme,c=us
ibm-realmAdminGroup: cn=users,cn=realms,cn=admin stuff,o=acme,c=us
ibm-realmUserSearchFilter:
cn: users</pre>
<p>Or, if there was no existing cn=users,o=acme,c=us object, you could create
the realm <tt class="xph">users</tt> under o=acme,c=us and have it point to
itself.</p>
<p>The directory administrator is responsible for managing user templates,
realms and realm administrator groups. After a realm is created, members of
that realm's administrator group are responsible for managing the users and
groups within that realm.</p>
<p>For more information about how to manage realms and user templates, see <a href="rzahymanrealmusr.htm#rzahymanrealmusr">Manage realms and user templates</a>.</p>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink