You can configure certain LDAP properties on database nodes, and on the Unity server, if used, to help narrow the search base for directory objects to the children of specified parent objects, rather than searching the entire directory.
This feature is not dependent upon bind type.
- Make changes to the TdgssUserConfigFile.xml as shown in Making Changes to TdgssUserConfigFile.xml on Database Nodes.
- Edit the LDAP needed search properties to enhance searches.
|LdapGroupBaseFQDN||Contains the FQDN of the directory object that contains group objects.
When you authorize database users in a directory, you have the option to create role objects in the directory, and then map them to groups with user members. You can configure the LdapGroupBaseFQDN property to enhance the search for directory groups and speed user authorization.
|LdapUserBaseFQDN||Contains the FQDN of a directory group object that contains directory user objects.
You can configure this property to narrow the search base for directory users to enhance user authentication.