UnboundID Identity Broker - LDAP Consent Store

Identity Broker Documentation Index
Configuration Reference Home

LDAP Consent Store

LDAP Consent Stores uses a LDAP Directory Server to store consents used by policy services.

↓Parent Component
↓Relations To this Component
↓Properties
↓dsconfig Usage

Parent Component

The LDAP Consent Store component inherits from the Consent Store

Relations from This Component

The following components have a direct aggregation relation from LDAP Consent Stores:

Load Balancing Algorithm

Username Mapper

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ username-mapper
↓ load-balancing-algorithm

Basic Properties

description

Description	A description for this Consent Store
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

username-mapper

Description	Specifies the names of the username mapper that is to be used with this LDAP consent store to match owner ID included in policy request to the corresponding user in the directory. When multiple mappers are used, they are evaluated in the order specified until a user is successfully mapped.
Default Value	None
Allowed Values	The DN of any Username Mapper. The referenced username mapper must be enabled when the LDAP Consent Store is enabled.
Multi-Valued	Yes
Required	Yes
Admin Action Required	None. Modification requires no further action

load-balancing-algorithm

Description	Specifies the load-balancing algorithm that will be used to communicate with the set of servers available to access the consent store.
Default Value	None
Allowed Values	The DN of any Load Balancing Algorithm. The associated load balancing algorithm must be enabled.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured Consent Stores:

dsconfig list-consent-stores
     [--property {propertyName}] ...

To view the configuration for an existing Consent Store:

dsconfig get-consent-store-prop
     --store-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Consent Store:

dsconfig set-consent-store-prop
     --store-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new LDAP Consent Store:

dsconfig create-consent-store
     --store-name {name}
     --type ldap
     --set username-mapper:{propertyValue}
     --set load-balancing-algorithm:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Consent Store:

dsconfig delete-consent-store
     --store-name {name}