Description:
In previous service packs, the concurrent-bind-user configuration command only supported one DN. This was a problem for large CA SiteMinder implementations that have multiple CA Directory user stores.
CA Directory r12.0 Service Pack 4 now supports multiple DNs for this configuration paramater.
Solution:
To define multiple DN's in the DSA's configuration file for the "concurrent-bind-user" command, you specify the command as a comma-separated list, e.g.:
set concurrent-bind-user = <c AU><o Democorp><ou Users><cn "Chris Hanlen">, <c AU><o Democorp><ou Users><cn "Craig Link">, <c AU><o Democorp><ou Users><cn "Candace Hanlen">;
After saving the file, run "dxsyntax" in order to confirm that the command has been specified correctly.
Note: The DN values must be supplied in CA Directory's X.500 notation and ordering (top-down), not LDAP DN format (bottom-up).
When the DSA is running, you can confirm that the multiple DN's have been loaded correctly, by opening up a DXconsole session and typing in the command: "get user;"
Welcome to the DSA Management Consoledsa> get user; allow-binds = TRUEallow-native-prefix-reauthentication = FALSEauth-trap = FALSEauthentication = nonebusy-for-referral = FALSEconcurrent-bind-user = <countryName "AU"> <organizationName "Democorp"> <organizationalUnitName "Users"> <commonName "Candace Hanlen"> <countryName "AU"> <organizationName "Democorp"> <organizationalUnitName "Users"> <commonName "Craig Link"> <countryName "AU"> <organizationName "Democorp"> <organizationalUnitName "Users"> <commonName "Chris Hanlen">