For the CA’s authorization subsystem, Is it possible to configure the CA to look for users in a different DS instance than the one defined in ‘internaldb.ldapconn.host’ ?

 

I’ve done some initial testing changing the following settings to point to another ds instance:

authz.instance.DirAclAuthz.ldap.basedn=<my basedn>
authz.instance.DirAclAuthz.ldap.database=<my database>

authz.instance.DirAclAuthz.ldap.ldapconn.host=myotherds

authz.instance.DirAclAuthz.ldap.ldapconn.port=389

 

After a restart, the CA seems to still be doing authorization queries to the DS defined in ‘internaldb.ldapconn.host’.

 

 

Thanks,

pwr