...

It can also disable the LDAP configuration in order to roll back to the internal database registry.

Please make sure to complete all the information in Planning LDAP Configuration, which includes a detailed explanation of all the parameters.

Parameters File

A template of the LDAP parameters file is provided at /app/utils/LDAP_parameters.properties.

...

Parameter | Description

builtinRoleMethod

Should be "user_attribute" (for scenario A) or "group_attribute" (for scenario B).
e.g. group_attribute

testUserName

The user name of a user for testing
e.g. adminford

testUserPassword

The password of a user for testing
Note: This password is used only for testing and is not stored in the configuration database and files
e.g. pass123

connectionUrl

LDAP server URL including port. Use the ldap:// prefix for a non-SSL connection and the ldaps:// prefix for an SSL connection.
e.g. ldap://192.168.110.15:389

referrals

Whether LDAP referrals should be followed or ignored (follow/ignore)
e.g. ignore

connectionName

Query user distinguished name (DN)
e.g. cn=LDAP Query User,ou=people,dc=example,dc=org

connectionPassword

Query user password
Note: This password will be encrypted and stored in the configuration database and files
e.g. pass123

userSearchBase

User search base entry
e.g. ou=people,dc=example,dc=org

userSearchSubtree

User search query sub-tree (true/false)
e.g. true

userSearchFilter

User search filter
Use {0} as a placeholder for the user name entered in the login screen
e.g. (&(objectClass=person)(sAMAccountName={0}))

groupSearchBase

Group search base entry
e.g. ou=groups,dc=example,dc=org

groupSearchSubtree

Group search query sub-tree (true/false)
e.g. true

groupSearchFilter

Group search filter
Use {0} as a placeholder for the full DN of the user found in the LDAP server
e.g. (&(objectClass=groupOfUniqueNames)(uniqueMember={0}))

groupSearchNested

Whether the group search includes nested groups (true/false)
e.g. true

groupRoleAttributeName

Group entry role attribute name
e.g. cn

userRoleAttributeName

For scenario A only
User entry role attribute name
e.g. "DPODRole"
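
A pre-flight check for the parameters file, as an added example that is not part of the original page or the product's own tooling. It applies the value rules stated in the table above and flags an ldap:// URL, since the table describes it as a non-SSL connection. The key=value file syntax with # comments, the function names and the sample file contents are assumptions made for illustration.

```python
# Added example. Assumption: the parameters file uses key=value lines with '#' comments.
BOOL = {"true", "false"}
ENUMS = {"builtinRoleMethod": {"user_attribute", "group_attribute"},
         "referrals": {"follow", "ignore"}, "userSearchSubtree": BOOL,
         "groupSearchSubtree": BOOL, "groupSearchNested": BOOL}

def parse_properties(text):
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)  # split once: LDAP filters contain '='
            props[key.strip()] = value.strip()
    return props

def check_ldap_parameters(props):
    findings = []
    for key, allowed in ENUMS.items():
        if props.get(key) not in allowed:
            findings.append(f"ERROR {key}: expected one of {sorted(allowed)}")
    url = props.get("connectionUrl", "")
    if url.startswith("ldap://"):
        findings.append("WARN connectionUrl: ldap:// is non-SSL, bind passwords are not protected by SSL")
    elif not url.startswith("ldaps://"):
        findings.append("ERROR connectionUrl: must start with ldap:// or ldaps://")
    for key in ("userSearchFilter", "groupSearchFilter"):
        value = props.get(key, "")
        if "{0}" not in value:  # without it the filter ignores the login name / user DN
            findings.append(f"ERROR {key}: missing {{0}} placeholder")
        if value.count("(") != value.count(")"):
            findings.append(f"ERROR {key}: unbalanced parentheses")
    if props.get("builtinRoleMethod") == "user_attribute" and not props.get("userRoleAttributeName"):
        findings.append("ERROR userRoleAttributeName: required for scenario A")
    return findings

# Constructed sample built from the "e.g." values in the table, with two mistakes planted
SAMPLE = """\
builtinRoleMethod=group_attribute
connectionUrl=ldap://192.168.110.15:389
referrals=ignore
userSearchSubtree=true
userSearchFilter=(&(objectClass=person)(sAMAccountName={0}))
groupSearchSubtree=true
groupSearchFilter=(&(objectClass=groupOfUniqueNames)(uniqueMember=))
groupSearchNested=yes
"""

if __name__ == "__main__":
    print("\n".join(check_ldap_parameters(parse_properties(SAMPLE))))
```
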

...