iPlanet LDAP Server implements dynamic LDAP groups through the object class groupOfURLs. A groupOfURLs entry can have multiple memberURL attributes, each one consisting of an LDAP URL that enumerates a set of objects in the directory. The members of the group are the union of these sets.
In the example below, TestDynamic Group has a single memberURL attribute.
All users whose description is dynUser belong to this group.
In this article we will learn to configure WebLogic Server with the iPlanet Authenticator using dynamic LDAP groups.
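The membership rule described above can be sketched in code. This is an added example, not the original page's example or iPlanet's own code: it resolves memberURL values against a small in-memory directory and returns the union of the selected sets. The entries, both memberURL values, and the helper names are constructed for illustration; only single equality filters and simple DNs without escaped commas are handled.

```python
import re
from urllib.parse import unquote

def parse_member_url(url):
    """Split ldap://host/base?attrs?scope?filter into (base, scope, attr, value)."""
    if not url.lower().startswith("ldap://"):
        raise ValueError("not an LDAP URL: %r" % url)
    rest = url[len("ldap://"):].partition("/")[2]
    base, _attrs, scope, flt = ([unquote(f) for f in rest.split("?")] + [""] * 3)[:4]
    # Only a single equality filter is handled; anything else is rejected.
    m = re.fullmatch(r"\(([A-Za-z][\w-]*)=([^()*\\]+)\)", flt)
    if m is None or (scope or "base") not in ("base", "one", "sub"):
        raise ValueError("unsupported memberURL: %r" % url)
    return base, scope or "base", m.group(1).lower(), m.group(2).lower()

def norm(dn):
    return ",".join(p.strip().lower() for p in dn.split(","))  # naive: no escaped commas

def in_scope(dn, base, scope):
    dn, base = norm(dn), norm(base)
    if scope == "base":
        return dn == base
    if scope == "one":
        return dn.partition(",")[2] == base  # direct children only
    return dn == base or dn.endswith("," + base)  # whole subtree

def dynamic_members(member_urls, entries):
    """Union of the entry sets selected by each memberURL."""
    members = set()
    for url in member_urls:
        base, scope, attr, value = parse_member_url(url)
        for dn, attrs in entries.items():
            values = [v.lower() for v in attrs.get(attr, [])]
            if in_scope(dn, base, scope) and value in values:
                members.add(dn)
    return members

# Constructed directory contents and memberURL values (not taken from the page).
ENTRIES = {
    "uid=faisal,ou=People,dc=oracle,dc=com": {"description": ["dynUser"]},
    "uid=guest,ou=People,dc=oracle,dc=com": {"description": ["visitor"]},
    "uid=batch,ou=Services,dc=oracle,dc=com": {"description": ["dynUser"]},
    "uid=ops,ou=Admins,dc=oracle,dc=com": {"description": ["dynAdmin"]},
}
GROUP_URLS = [
    "ldap:///ou=People,dc=oracle,dc=com??sub?(description=dynUser)",
    "ldap:///ou=Admins,dc=oracle,dc=com??one?(description=dynAdmin)",
]
print(sorted(dynamic_members(GROUP_URLS, ENTRIES)))
```

Because membership is computed from the filter at lookup time, whoever can write the attribute the filter tests (here description) effectively controls group membership, so write access to that attribute should be restricted in the directory.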
Create a user in the iPlanet server.
Go to the Advanced Properties of the user.
Click on Add Attribute and select description.
Give the description as dynUser and click OK.
Create a group.
Under Provider Specific:
Port: 500 (the port on which your LDAP server is running)
User Base DN: ou=People,dc=oracle,dc=com
Group Base DN: ou=Groups,dc=oracle,dc=com
Leave the others as default.
By default, the iPlanet Authenticator has the settings needed to determine dynamic group membership.
Restart the server, go to Security Realm and click on the Users tab.
Check which group the user faisal belongs to.