Description: The Active Directory LDAP environment is configured with two separate Active Directory domains. Since user/group information is stored in both domains, the admin user should be able to search both domains in ActiveMatrix Administrator.
Example: Below are the domains to be configured for the user/group search.
Domain A: dc=dmnA,dc=example,dc=com
Domain B: dc=dmnB,dc=example,dc=com
Resolution
The following steps help to extend the user search to multiple LDAP domains.
1). Create referrals in the LDAP server for the domains to which you want to extend the search. In the case above, the LDAP administrator should create a referral under Domain A "dmnA" that points to Domain B "dmnB". The referral has the format "ldap://<host>:<port>/<search DN>". Note: The attached document (Filename: LDAPReferral__Apache_DS_LDAP_Server.docx) describes how to create a referral in an Apache DS LDAP server. The way referrals are created may vary depending on the type of LDAP server.
2). Once the referrals are set up, test them with any LDAP browser: trigger a search from the domain where the referral is configured and confirm that it retrieves users from both domains.
3). Add the property "java.property.amx.node.ldap.followReferral = true" to the <TIBCO_HOME>\tibco\tibcohost\<admin-instance>\data_3.2.x\nodes\SystemNode\bin\tibamx_SystemNode.tra file.
4). Restart the host.
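The following is an added example, not part of the original article or TIBCO's code: a Python pre-flight check that each referral URL matches the "ldap://<host>:<port>/<search DN>" format from step 1 and points only at an expected directory server and domain before followReferral is enabled. The host name dc1.dmnb.example.com and both allowlists are constructed placeholders.

```python
from urllib.parse import urlsplit, unquote

# Constructed sample values: the host is a placeholder, the DN is the
# article's Domain B example. Replace both with your own environment's values.
ALLOWED_HOSTS = {"dc1.dmnb.example.com"}
ALLOWED_BASES = ("dc=dmnB,dc=example,dc=com",)

def _norm_dn(dn):
    """Lower-case a DN and strip spaces around RDN separators.
    Naive split on ',': sufficient for simple DNs without escaped commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def check_referral(url, allowed_hosts=ALLOWED_HOSTS, allowed_bases=ALLOWED_BASES):
    """Return a list of problems found in one referral URL (empty = passes)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        return [f"unsupported scheme {parts.scheme!r}"]
    try:
        port = parts.port          # raises ValueError on a non-numeric port
    except ValueError:
        return ["port is not a valid number"]
    problems = []
    if not parts.hostname:
        problems.append("missing host")
    elif parts.hostname not in allowed_hosts:   # hostname is already lower-cased
        problems.append(f"host {parts.hostname!r} is not an expected directory server")
    if port is None:
        problems.append("missing port")
    dn = _norm_dn(unquote(parts.path.lstrip("/")))
    bases = [_norm_dn(b) for b in allowed_bases]
    if not dn:
        problems.append("missing search DN")
    elif not any(dn == b or dn.endswith("," + b) for b in bases):
        problems.append(f"search DN {dn!r} is outside the expected domains")
    return problems

if __name__ == "__main__":
    for ref in ("ldap://dc1.dmnb.example.com:389/dc=dmnB,dc=example,dc=com",
                "ldap://other.example.net:389/dc=dmnB,dc=example,dc=com"):
        print(ref, "->", check_referral(ref) or "OK")
```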
Issue/Introduction
How to configure multiple LDAP domains in ActiveMatrix Administrator.
Attachments
How to configure multiple LDAP domains in ActiveMatrix Administrator.