ActiveMatrix BPM: LDAP Configuration

Field/Button Description
Deploy Internal LDAP Server
Whether to use the internal LDAP Directory Server provided with ActiveMatrix BPM. When selected, the Port Number field is enabled.
Note: If this BPM system is distributed across different machines (to provide high availability and/or scalability), an external LDAP server must be used. See Additional System Requirements for a Distributed BPM System.
Note: If the internal LDAP Directory Server has already been deployed on this machine (when configuring another BPM system), you must select Use External LDAP Server instead of this option. Do not deploy a second instance of the internal LDAP Directory Server to the same machine.

Default: Selected

build.properties entry: bpm.ldap.useinternal

Port Number
Port number used by the internal LDAP server.

Default: 10801

build.properties entry: bpm.ldap.internal.port

Use External LDAP Server
Whether to use an external LDAP directory server (see Configuring the External LDAP Directory Server). When selected, the LDAP Provider Details fields are enabled.

Default: Cleared

build.properties entry: None. This option is automatically selected if bpm.ldap.useinternal=false.

Provider Details:
URL
URL used to log in to the external LDAP server.

Default: ldap://localhost:10389

build.properties entry: bpm.ldap.url

Base DN
Base Distinguished Name (DN) from which to search/navigate the LDAP directory.

Default: OU=system

build.properties entry: bpm.ldap.basedn

Username
Distinguished Name of the LDAP user who will be used as the tibco-admin user for this BPM system.
Note: This user must have (at least) read access to the LDAP directory specified by Base DN.

Default: uid=admin,ou=system

build.properties entry: bpm.ldap.username

Password
Password of the specified LDAP user.

build.properties entry: bpm.ldap.password

LDAP Server is SSL Enabled
Whether the external LDAP server is enabled for SSL. When selected, the SSL Trust Store Configuration fields are enabled.
Note: If this BPM system is distributed across different machines (to provide high availability and/or scalability), the Trust Store Location must be SHARED_DIR\keystores - see Shared File System.

build.properties entry: bpm.ldap.enablessl

Test Connection
Verifies that TIBCO Configuration Tool can connect to the LDAP server using the information supplied on this page.

SSL Trust Store Configuration:
Create a Trust Store
Obtains certificates from the specified LDAP server and creates a new trust store, which will be used to establish the trust relationship with the external LDAP server:
  1. Click Create a Trust Store.
  2. Specify a password to protect the keystore and click Next. The SSL setup wizard displays the certificates imported from the external LDAP server.
  3. In the Trust Selected Certifications area, select the certificates to trust and click Finish. The wizard fills in the Keystore Location, Keystore Type, and Keystore Password fields.

    If you do not click Create a Trust Store, you must specify the details of an existing trust store that can be used to establish the trust relationship with the external LDAP server.

Trust Store Location
Either:
  • the location in which the created trust store will be stored, or
  • the location of the trust store to be uploaded to ActiveMatrix Administrator. (You can either type this directly or use the Browse button to find it.)

build.properties entry: bpm.ldap.keystorelocation

Trust Keystore Type
The type of the created or uploaded trust store: JKS or JCEKS.

Default: JKS.

build.properties entry: bpm.ldap.keystoretype

Trust Store Password
Either:
  • the password specified in the Create a Trust Store wizard, or
  • the password required to access the trust store that is to be uploaded.

build.properties entry: bpm.ldap.keystorepassword
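
The field dependencies above can be checked before a silent install. The following is an added example, not part of the TIBCO documentation or tooling: a small linter for the bpm.ldap.* entries of a build.properties file. The function names, the sample host and password, the true/false spelling of bpm.ldap.enablessl and its "off" default are assumptions.

```python
ALLOWED_KEYSTORE_TYPES = {"JKS", "JCEKS"}  # the two types listed on this page

def parse_properties(text):
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#!":  # skip blanks and comment lines
            key, _, value = line.partition("=")  # split on first '=' only
            props[key.strip()] = value.strip()
    return props

def is_true(props, key, default):
    # Assumption: booleans are written true/false, as in bpm.ldap.useinternal=false
    return props.get(key, default).lower() == "true"

def lint_ldap(props):
    """Return findings for the LDAP settings described on this page."""
    findings = []
    if is_true(props, "bpm.ldap.useinternal", "true"):  # page default: selected
        port = props.get("bpm.ldap.internal.port", "10801")
        if not port.isdigit() or not 0 < int(port) < 65536:
            findings.append("bpm.ldap.internal.port is not a valid TCP port")
        return findings
    # External LDAP server: the Provider Details entries are needed.
    for key in ("url", "basedn", "username", "password"):
        if not props.get("bpm.ldap." + key):
            findings.append(f"bpm.ldap.{key} is missing")
    if is_true(props, "bpm.ldap.enablessl", "false"):  # assumed default: off
        for key in ("keystorelocation", "keystorepassword"):
            if not props.get("bpm.ldap." + key):
                findings.append(f"bpm.ldap.{key} is missing (SSL enabled)")
        ktype = props.get("bpm.ldap.keystoretype", "JKS")  # page default: JKS
        if ktype not in ALLOWED_KEYSTORE_TYPES:
            findings.append(f"bpm.ldap.keystoretype {ktype!r} is not JKS or JCEKS")
    else:
        findings.append("bpm.ldap.enablessl is not true: LDAP traffic, "
                        "including the bind password, is not protected by SSL")
    return findings

# Constructed sample input (not taken from a real system).
SAMPLE = """\
bpm.ldap.useinternal=false
bpm.ldap.url=ldap://ldap.example.test:10389
bpm.ldap.basedn=OU=system
bpm.ldap.username=uid=admin,ou=system
bpm.ldap.password=constructed-placeholder
"""
for finding in lint_ldap(parse_properties(SAMPLE)):
    print(finding)
```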