Symantec 10490452 Administration Guide - Page 35

Configuring system settings 35 Configuring LDAP settings Table 2-5 LDAP Server Parameters when editing a server Item Description Authentication Query Details Contains the following options: ■ Autofill-Places default values in the field for you to modify as needed. ■ Query start (Auth base DN)-Designates the point in the directory from which to start searching for entries to authenticate. ■ Login attribute-Specifies the attribute that identifies a directory entry representing a person. ■ Primary email attribute-Finds users based on the attribute which represents a mailbox. ■ Email alias attribute-Finds users based on the attribute representing an alternative address for entities' mailbox. ■ Login query-Finds users based on their Login attributes. ■ Test-Attempts to execute the query as defined. Synchronization Allows for the following definitions governing synchronization Configuration behavior: ■ Synchronize every-Specifies how often scheduled synchronization occurs. You can specify a number of minutes, hours, or days. The default is 1 day. ■ Audit level-Verbosity setting for LDAP audit logs. Choices of Off, Low, and Verbose are available. The default is Off. ■ Page size-Number of discrete changes that are accepted together for synchronization. Use a number between 1 and 2,000. The default is 25. If you are using the iPlanet/SunOne directory server, change Page size to 0 for optimal performance. This section is grayed out if Usage type is Authentication. Editing an LDAP server definition can cause a full synchronization to be initiated. This can have serious performance impact on your system until the synchronization completes. To initiate an LDAP synchronization 1 Click Status > LDAP Synchronization. 2 If you wish to synchronize fewer than 1,000 changes of LDAP data, click Synchronize Changes. 3 If you wish to synchronize 1,000 changes of LDAP data or more, click Full Synchronization.