Symantec does not recommend customizing the LDAP tree. It is not included in Symantec's Technical Support contract.
However, I find there are a slew of things you customize which are nice features that I wish Symantec included. For example automating updates to user look up tables, auto-import of users, failover settings, etc. These attributes are all stored in the LDAP tree.
Mod at your own risk:
Port 636 (SSL)
Protocol LDAP v3
USERID=Administrator,ou=People,DC=[your_domain],O=SYMC_SES
LDAP Search using objectClass=* as a filter locally on the SSIM:
$ldapsearch -h localhost -Z -K /etc/symantec/ses/key.kdb -b "o=symc_ses" -D 'USERID=Administrator,ou=People,DC=[your_domain],O=SYMC_SES' -w [admin_password]" "objectClass=*"
Jxplorer is a nice tool for LDAP browsing SSIM. You may see some fields storing XML (for example symcMetaData for the userlook up tables). These fields need to be base64 encoded prior to setting the attribute.
Modifying look up tables for example:
ldapsearch -h localhost -Z -K /etc/symantec/ses/key.kdb -b "cn=Lookup Tables,cn=Rule Engine,cn=SIM,ou=Administration,dc=[DOMAIN],o=symc_ses" -D 'USERID=Administrator,ou=People,DC=[DOMAIN],O=SYMC_SES' -w [PASSWORD] "dlmCaption=[TABLE_NAME]"
This is the ldif I am importing:
To get the resulting table:
You also need to modify the LDAP attribute symcSequenceRevision with an updated timestamp. This time stamp is in Zulu time format. If you do not update this, then the table will not be updated.
No comments:
Post a Comment