ldapentry.xml

The ldapentry.xml file replaces the ldapmap.xmlfile used in earlier versions of WebSphere Commerce. Ensure contents of your ldapmap.xmlfile used previously are transferred to the ldapentry.xml file. The ldapentry.xmlfile provides a default mapping for the most commonly used fields. LDAP attributes in the default schema mapping are based on the default user objectclasses (person, organizationalPerson, inetOrgPersonand ePerson) and default organizational entity object classes (organizationand organizationalUnit). These objectclasses are defined for all LDAP servers supported by WebSphere Commerce. To extend the default schema mapping beyond these objectclasses, ensure that schema extensions are performed on the LDAP server first, then mapping for new attributes can be placed in the ldapentry.xmlfile. It is recommended that you do not persist the following attributes to LDAP: internally generated keys within WebSphere Commerce, data that changes often, such as the PREVLASTSESSION in the USERS table.

For information about LDAP attributes refer to the IBM LDAP Directory Schema: Overview site.

<?xml version="1.0"?>
<!DOCTYPE ldapentry SYSTEM "ldapentry.dtd">
<ldapentry>
   <entry entryName="User">
      <ldapsetting> 
       <ldaprdn rdnName="uid" keyAttrName="logonId" keyObjName="UserRegistry"/>
       <ldapocs objClass="top;person;organizationalPerson;inetOrgPerson"/>
       <ldapbase defaultBase="o=Default Organization,o=Root Organization" searchBase="o=Root Organization"/>
   </ldapsetting>
      <ldapmap>
         <map>
            <objectAttribute attrName="logonPassword"/>
            <ldapAttribute name="userPassword" operation="replace" flow="wcsToLdap"/>
         </map>
         <map>
            <objectAttribute attrName="lastName"/>
            <objectAttribute attrName="firstName"/>
            <objectSeparator attrSeparator="/"/>
            <ldapAttribute name="cn" operation="replace" flow="wcsToLdap"/>
         </map>
         <map>
            <objectAttribute attrName="lastName"/>
            <ldapAttribute name="sn" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="firstName"/>
            <ldapAttribute name="givenName" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="phone1"/>
            <ldapAttribute name="homePhone" operation="add" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="email1"/>
            <ldapAttribute name="mail" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="zipCode"/>
            <ldapAttribute name="postalCode" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="address1" size="50"/>
            <objectAttribute attrName="address2" size="50"/>
            <objectAttribute attrName="address3" size="50"/>
            <objectSeparator attrSeparator="/"/>
            <ldapAttribute name="postalAddress" operation="replace" flow="bothDirections"/>
         </map>
      </ldapmap>
   </entry>
   <entry entryName="Organization">
      <ldapsetting>   
       <ldaprdn rdnName="o" keyAttrName="orgEntityName" keyObjName="Organization"/>
       <ldapocs objClass="top;organization"/>
       <ldapbase defaultBase="o=Root Organization" searchBase="o=Root Organization"/>
   </ldapsetting>
      <ldapmap>
         <map>
            <objectAttribute attrName="businessCategory"/>
            <ldapAttribute name="businessCategory" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="description"/>
            <ldapAttribute name="description" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="address1" size="50"/>
            <objectAttribute attrName="address2" size="50"/>
            <objectAttribute attrName="address3" size="50"/>
            <objectSeparator attrSeparator="/"/>
            <ldapAttribute name="postalAddress" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="phone1"/>
            <ldapAttribute name="telephoneNumber" operation="add" flow="bothDirections"/>
         </map>
      </ldapmap>
   </entry>
   <entry entryName="OrganizationalUnit">
   <ldapsetting>     
       <ldaprdn rdnName="ou" keyAttrName="orgEntityName" keyObjName="Organization"/>
       <ldapocs objClass="top;organizationalUnit"/>
       <ldapbase defaultBase="o=Root Organization" searchBase="o=Root Organization"/>       
   </ldapsetting>
      <ldapmap>
         <map>
            <objectAttribute attrName="businessCategory"/>
            <ldapAttribute name="businessCategory" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="description"/>
            <ldapAttribute name="description" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="address1" size="50"/>
            <objectAttribute attrName="address2" size="50"/>
            <objectAttribute attrName="address3" size="50"/>
            <objectSeparator attrSeparator="/"/>
            <ldapAttribute name="postalAddress" operation="replace" flow="bothDirections"/>
         </map>
         <map>
            <objectAttribute attrName="phone1"/>
            <ldapAttribute name="telephoneNumber" operation="add" flow="bothDirections"/>
         </map>
      </ldapmap>
   </entry>
</ldapentry>

The format of the ldapentry.xml file is as follows:

entry
The entry element identifies which type of member the mappings are for. Valid values are User, Organization, or OrganizationalUnit.
ldapsetting - ldaprdn - rdnName
Specifies which LDAP attribute is the RDN attribute
ldapsetting - ldaprdn - keyAttrName
Specifies which WebSphere Commerce attribute maps to the RDN attribute. For users, the attribute name corresponds to the property name documented in the syntax of the UserRegistrationAdd command. The attribute name is case sensitive. Similarly for organization and organizational unit in which case the OrgEntityAdd command should be used.
ldapsetting - ldaprdn - keyObjName
Specifies which WebSphere Commerce access bean can the WebSphere Commerce attribute specified in keyAttrName be found
ldapsetting - ldapocs - objClass
Specifies the LDAP object classes that are used to create LDAP entries
ldapsetting - ldapbase - defaultBase
Specifies the first search base DN under which WebSphere Commerce will search for users during logon if RDN is used for logon. For organizational entities, defaultBase specifies the first search base DN under which WebSphere Commerce will search for organizational entities whenever it requires.
ldapsetting - ldapbase - searchBase
Specifies the rest of the base DNs under which WebSphere Commerce will search for users and organizational entities.
map -objectAttribute - attrName
A WebSphere Commerce attribute name. For users, the attribute name corresponds to the property name documented in the syntax of the UserRegistrationAdd command. The attribute name is case sensitive. Similarly for organization and organizational unit in which case the OrgEntityAdd command should be used.
map -ldapAttribute - name
Name of an LDAP attribute to be mapped to the WebSphere Commerce attribute specified in attrName
map -ldapAttribute - flow
Specifies whether the attribute value is read from, written to, or both read and written to LDAP. Valid values are ldapToWcs, wcsToLdap, or bothDirections.
map -ldapAttribute - operation
Specifies whether how the attribute value should be modified for LDAP. Valid values are replace or add. A value of replace updates the current user information with the new information provided (for example, replace a existing phone number with a new one). A value of add includes another entry for the user (for example, adding a new phone number to the current user information, making a list of phone numbers for the user).
map - objectSeparator - attrSeparator
Separator character used when storing or retrieving multiple WebSphere Commerce attributes to or from a single LDAP attribute.

Feedback