
Enabling LDAP authentication on IBM ACEv12

  • 1.  Enabling LDAP authentication on IBM ACEv12

    Posted Wed July 31, 2024 07:21 AM

    Hi, teammates

    Has anyone already enabled and configured LDAP for IBM ACE on-premise?

    At the moment, the security and the different roles are set in the node.conf.yaml with a local password; however, I would like to change the way in which the user logs in to the WebUI or Toolkit, using a Domain User.

    The above is based on IBM's recommendations.

    I need help with the following parameter.

    #ldapUrl: ldap[s]://server[:port]/baseDN[?[uid_attr][?[base|sub]]] # ldap authentication url

    Thanks

    Greetings/Saludos



    ------------------------------
    Luis Axel Reyes Espinoza
    ------------------------------



  • 2.  RE: Enabling LDAP authentication on IBM ACEv12

    IBM Champion
    Posted Thu August 01, 2024 03:10 AM

    Hi Luis

    I have indeed. My configuration is like this:

    caPath: 'C:\path\to\my\caPath'
    ldapUrl: 'ldaps://ldap.my.network.com:636/DC=my,DC=network,DC=com?userPrincipalName'
    ldapBindDn: ldap::ldap.my.network.com
    ldapBindPassword: ldap::ldap.my.network.com
    # Authorization
    authorizationEnabled: true
    authorizationMode: 'ldap'
    ldapAuthorizeUrl: 'ldaps://ldap.my.network.com:636/DC=my,DC=network,DC=com?userPrincipalName?sub?(member={{dn}})'
    ldapCheckServerIdentity: true

    In order to determine where your users are located in the LDAP tree and what parameter matches the username you enter, I use NetTools.

    After that you have to do proper role mapping as well with the full group name.



    ------------------------------
    Regards
    Matthias Blomme
    ------------------------------
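
Added example, not part of the thread and not IBM's code: a Python parser for the `ldap[s]://server[:port]/baseDN[?[uid_attr][?[base|sub]]]` format quoted above, with the trailing filter field as it appears in the `ldapAuthorizeUrl` of the reply, so both values can be checked before they go into node.conf.yaml. The function names and the three checks in `review` are assumptions of this example, and the sample URLs are constructed from the placeholders in the reply.

```python
from urllib.parse import unquote

def parse_ace_ldap_url(url):
    """Split ldap[s]://server[:port]/baseDN[?[uid_attr][?[base|sub]]][?filter]."""
    scheme, sep, rest = url.partition("://")
    scheme = scheme.lower()
    if not sep or scheme not in ("ldap", "ldaps"):
        raise ValueError("scheme must be ldap or ldaps")
    hostport, slash, tail = rest.partition("/")
    host, _, port = hostport.partition(":")
    # Split on '?' at most three times so a '?' inside the filter survives.
    fields = [unquote(f) for f in tail.split("?", 3)] + [""] * 3
    base_dn, uid_attr, scope, ldap_filter = fields[:4]
    if not host or not slash or not base_dn:
        raise ValueError("expected server[:port]/baseDN")
    if scope not in ("", "base", "sub"):
        raise ValueError("scope must be 'base' or 'sub'")
    return {"tls": scheme == "ldaps", "host": host.lower(),
            "port": int(port) if port else None, "base_dn": base_dn,
            "uid_attr": uid_attr or None, "scope": scope or None,
            "filter": ldap_filter or None}

def review(ldap_url, ldap_authorize_url):
    """Return findings for an ldapUrl / ldapAuthorizeUrl pair (checks are this example's own)."""
    findings = []
    parsed = {"ldapUrl": parse_ace_ldap_url(ldap_url),
              "ldapAuthorizeUrl": parse_ace_ldap_url(ldap_authorize_url)}
    for key, p in parsed.items():
        if not p["tls"]:
            findings.append(f"{key}: ldap:// scheme, not ldaps://")
        elif p["port"] == 389:
            findings.append(f"{key}: ldaps:// on port 389, the conventional plain-LDAP port")
    a, z = parsed["ldapUrl"], parsed["ldapAuthorizeUrl"]
    if (a["host"], a["port"]) != (z["host"], z["port"]):
        findings.append(f"host mismatch: {a['host']}:{a['port']} vs {z['host']}:{z['port']}")
    return findings

# Constructed sample values modelled on the placeholders in the reply above.
BASE = "ldaps://ldap.my.network.com:636/DC=my,DC=network,DC=com"
AUTHN = BASE + "?userPrincipalName"
AUTHZ = BASE + "?userPrincipalName?sub?(member={{dn}})"

if __name__ == "__main__":
    print(parse_ace_ldap_url(AUTHZ))
    print(review(AUTHN, AUTHZ))
    # A downgraded scheme and a misspelled host in one of the two URLs.
    print(review(AUTHN.replace("ldaps", "ldap", 1),
                 AUTHZ.replace("network.com", "netwerk.com", 1)))
```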