Integrate (LDAP) Active Directory with GS5.0

Integrate (LDAP) Active Directory with GS5.0

book

Article ID: KB0092620

calendar_today

Updated On:

Products Versions
TIBCO DataSynapse GridServer -
Not Applicable -

Description

Resolution:
Example configuration for LDAP authentication with Active Directory:

Here's how the DataSynapse QA team configured GridServer 5 to use their test Active Directory server. Active Directory will be configured using the default MS schema . The domain name is qa-ad.datasynapse.com .

Note that Active Directory is compliant with LDAP version 3, and is using a different schema from Unix LDAP. For example, the user logon name attribute is called sAMAccountName.

    * Log on to Primary Director
    * Go to Users | Authentication
    * Under Authentication Configuration Select LDAP for Authentication Mode
    * Under JNDI Connection Configuration
          o Provider URL(s) -> ldap://qapc59.grid.datasynapse.com set to your AD controller, you can optionally specify a port
          o Authentication Scheme -> simple
          o Username -> QA-AD\Administrator
          o Password -> ***************
          o JNDI Environment Variables -> java.naming.referral=follow
    * Under JNDI User Search Configuration
          o User Search String Format -> (&(objectclass=user)(sAMAccountName={0}))
          o User Search Base -> dc=qa-ad,dc=datasynapse,dc=com
          o User Group Attribute -> memberOf
    * Click on Save

Then, in Users | Role Admin, select the group(s) you are interested in, and then set the specific LDAP Group Name to map the role onto. For example, the Configure role might be CN=Administrators,CN=Builtin,DC=qa-ad,DC=datasynapse,DC=com


You will need to restart the Director to pick up the new LDAP configuration.

Issue/Introduction

Integrate (LDAP) Active Directory with GS5.0