One instance of Novell eDirectory directory server can
have multiple contexts. Because each context immediately under the
ROOT DSE (tree Object) is mapped to a Content Platform Engine realm, one eDirectory
server can be mapped to multiple Content Platform Engine realms.
For each realm, you must create an application server authentication
provider and a DirectoryConfigurationNovell object, so that there
is a one-to-one relationship between Realm object and authentication
provider, and also a one-to-one relationship between Realm object
and DirectoryConfigurationNovell object.
For example:
- If the user base DN is dc=filenet.com, ou=eng, o=cedev1, then
o=cedev1 will be the context for all the objects under it, and it
is the first level under the ROOT DSE, which is the name of Content Platform Engine Realm object.
- If the user based DN is dc=filenet.com, ou=eng, c=US, then c=US
will be the context for all the objects under it, and it is the first
level under the ROOT DSE, which the name of Content Platform Engine Realm object.
For each DirectoryConfigurationNovell object, FileNet P8 uses the
specified UserBaseDN property value to lookup context.
Important: It is a best practice to configure SSL between
your application server that hosts Content Platform Engine and your Novell eDirectory
servers. This will include making changes in the application server
to the authentication provider's DirectoryConfigurationNovell object
that was created while running Configuration Manager. Consult your
application server's documentation for instructions.