The LDAPCACHEDURATION option determines the amount of time that the IBM® Tivoli® Storage Manager server caches LDAP password authentication information.
After a successful LDAP bind, the value that you enter determines the amount of time that information about the LDAP directory server is kept available. The higher the number, the better the performance of the LDAP directory server. During the cache period, though, changes on the LDAP directory server do not take immediate effect on the node. For example, old passwords might be available for some time, even after they were changed or locked on the LDAP server.
Include the LDAPCACHEDURATION option in a SETOPT command to have the option take effect immediately.
Restriction: The LDAPCACHEDURATION option
does not apply to storage agents.
Parameters
- minutes
- Specifies the maximum amount of time after a successful LDAP bind, that subsequent sessions to the same node or administrator skip secondary LDAP bind operations. Values range from zero to 360 minutes.
Example: Set the LDAPCACHEDURATION value to 6 hours (maximum)
In the dsmserv.opt file, specify the following value:ldapcacheduration 360After a node or administrator authenticates with an external directory server, the LDAP bind is skipped for 360 minutes on all sessions.