Products | Versions |
---|---|
TIBCO DataSynapse GridServer | - |
Not Applicable | - |
Resolution:
Example configuration for LDAP authentication with Active Directory:
Here's how the DataSynapse QA team configured GridServer 5 to use their test Active Directory server. Active Directory will be configured using the default MS schema . The domain name is qa-ad.datasynapse.com .
Note that Active Directory is compliant with LDAP version 3, and is using a different schema from Unix LDAP. For example, the user logon name attribute is called sAMAccountName.
* Log on to Primary Director
* Go to Users | Authentication
* Under Authentication Configuration Select LDAP for Authentication Mode
* Under JNDI Connection Configuration
o Provider URL(s) -> ldap://qapc59.grid.datasynapse.com set to your AD controller, you can optionally specify a port
o Authentication Scheme -> simple
o Username -> QA-AD\Administrator
o Password -> ***************
o JNDI Environment Variables -> java.naming.referral=follow
* Under JNDI User Search Configuration
o User Search String Format -> (&(objectclass=user)(sAMAccountName={0}))
o User Search Base -> dc=qa-ad,dc=datasynapse,dc=com
o User Group Attribute -> memberOf
* Click on Save
Then, in Users | Role Admin, select the group(s) you are interested in, and then set the specific LDAP Group Name to map the role onto. For example, the Configure role might be CN=Administrators,CN=Builtin,DC=qa-ad,DC=datasynapse,DC=com
You will need to restart the Director to pick up the new LDAP configuration.