Policy Server :: LDAP Referrals : EnableEnhancedReferrals and EnableReferrals

book

Article ID: 48683

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

 

We would like to know how to disable the LDAP referrals in the Policy
Server configuration. How can we do that ?

 

Environment

 

Policy Server all versions

 

Resolution

In order to disable the referrals on the Policy Server you need to set
these registry keys:

     HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Ds\LDAPProvider= 
       EnableEnhancedReferrals = 1; REG_DWORD       
       EnableReferrals = 0; REG_DWORD 

Details:

     EnableEnhancedReferrals = 1 

Policy Server will not perform all referral processing. If
EnableEnhancedReferrals is disable (value to 0) Policy Server will
perform operations related to referrals such as DNS resolutions among
the others.

     EnableReferrals = 0 

Policy Server will not to follow the referrals.

If the Policy Server has to contact Active Directories, let point the
Policy Server to the Global Catalog which is the port 3268 in order
for the Policy Server not to received command from Active Directory to
follow referrals.

(http://technet.microsoft.com/en-us/library/cc978012.aspx)