Configuring LDAP
Follow these steps to configure LDAP authentication.
Procedure
- Try connecting to your AD or LDAP installation with a separate LDAP exploration tool to ensure that all configuration properties are correct before you attempt to configure these in Team Studio.
- Install Team Studio.
- Edit the <installation directory>/shared/ldap.properties file to configure LDAP in Team Studio.
- Change the default entries of the ldap.properties file to match your LDAP installation. See the ldap.properties.active_directory or ldap.properties.opensource_ldap files for examples. Here is an example:

    # LDAP Settings for Active Directory

    # Set this property to true to enable LDAP authentication. Default is false.
    ldap.enable = false

    # Host and port for accessing LDAP server.
    ldap.host = localhost
    ldap.port = 389

    # Set this property to use Transport Level Security (TLS) for accessing LDAP server. Default is false.
    ldap.start_tls = false

    # LDAP root for search and query
    ldap.base = DC=www,DC=example,DC=com

    # username and password used for binding to LDAP server
    ldap.bind.username = uid=admin,ou=system
    ldap.bind.password = q2W#e4R%

    #----- Uncomment following properties to enable group membership authentication ------#
    # Note that all three entries must either be commented or uncommented

    # List of LDAP group names that are used for verifying group membership.
    # NOTE: For release 5.3, only one group is supported.
    #ldap.group.names = OtherGroup

    # Search base for looking up members in the groups above.
    #ldap.group.search_base = DC=www,DC=example,DC=com

    # Group Filter for Active Directory. This will work only for Active Directory
    #ldap.group.filter = (memberOf={0})
    #------------------------------------------------------------------------------------------#

    # Search base for user authentication
    ldap.user.search_base = OU=CorpUsers,DC=www,DC=example,DC=com

    # Search filter for user authentication. This will work only for Active Directory
    ldap.user.filter = (sAMAccountName={0})

    # Mappings of Chorus user properties to LDAP user attributes.
    ldap.attribute.uid = sAMAccountName
    ldap.attribute.ou = department
    ldap.attribute.gn = givenName
    ldap.attribute.sn = sn
    ldap.attribute.mail = mail
    ldap.attribute.title = title
Note: If you want to add users from two different groups (for example, Marketing and Sales) but Team Studio supports only one LDAP group, you have two options:
- Restart Team Studio as follows after making changes to ldap.properties:

    $ chorus_control.sh restart
- Bulk import LDAP users with a rake command. This rake task reads the LDAP configuration from the ldap.properties file and imports users from the LDAP group specified in the ldap.group.names property into the Team Studio database.
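The constraints stated in the ldap.properties comments can be checked before the restart. The following Python linter is an added example, not part of Team Studio or its documentation; it assumes ldap.start_tls is the only transport-encryption setting (it is the only one the sample file shows), and the function names and SAMPLE content are constructed for illustration.

```python
# Added example (not Team Studio code): lint ldap.properties content against
# the constraints stated in the file's own comments before restarting.
GROUP_KEYS = ("ldap.group.names", "ldap.group.search_base", "ldap.group.filter")

def parse_properties(text):
    """Return active key/value pairs; lines starting with '#' are comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)  # split once: DNs and filters contain '='
        props[key.strip()] = value.strip()
    return props

def lint(text):
    """Return a list of findings for the given ldap.properties content."""
    props = parse_properties(text)
    enabled = props.get("ldap.enable", "false").lower() == "true"
    start_tls = props.get("ldap.start_tls", "false").lower() == "true"
    findings = []
    # Without TLS the bind password and user logins cross the network unencrypted.
    if enabled and not start_tls:
        findings.append("ldap.start_tls is not true: credentials are sent unencrypted")
    # The three group entries must be all uncommented or all commented.
    present = [k for k in GROUP_KEYS if k in props]
    if present and len(present) != len(GROUP_KEYS):
        missing = [k for k in GROUP_KEYS if k not in props]
        findings.append("group settings incomplete, missing: " + ", ".join(missing))
    # The sample filters carry a {0} placeholder; flag a filter that lost it.
    for key in ("ldap.user.filter", "ldap.group.filter"):
        if key in props and "{0}" not in props[key]:
            findings.append(key + " has no {0} placeholder")
    return findings

# Constructed sample: LDAP on, TLS off, only one of three group entries active.
SAMPLE = """\
ldap.enable = true
ldap.start_tls = false
ldap.group.names = OtherGroup
#ldap.group.search_base = DC=www,DC=example,DC=com
#ldap.group.filter = (memberOf={0})
ldap.user.filter = (sAMAccountName=jdoe)
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print("WARN:", finding)
```

To check a real installation, pass the contents of <installation directory>/shared/ldap.properties to lint() instead of SAMPLE.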
Copyright © Cloud Software Group, Inc. All rights reserved.