Last modified on 29 September 2020, at 11:53

LDAP

Revision as of 11:53, 29 September 2020 by DST (Talk | contribs) (Created page with "To perfrom a succesfull authentication against a LDAP Server with UBIK, you need to create an instance of each of the following Classes: LoginLDAP Object The Login Objec...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

To perfrom a succesfull authentication against a LDAP Server with UBIK, you need to create an instance of each of the following Classes:


LoginLDAP Object The Login Object used to authenticate against the LDAP Server

LoginName

The name of the Login object. The name of the Login Object must be identical to the one specified on the LDAP Server.

Use Domain Credentials

This setting must be set to "True" in order to perform your authentication against the LDAP Server. If set to "False" UBIK will perform it´s authentication against the internal UBIK Database.

Identifier

The Identifier property specifies a "unique identifier" for an object represented in the LDAP Directory. The domain within which the identifier is unique, and the exact semantics of the identifier, are for local definition. Example for valid Identifier: "uid","cn"...

Searchbase

The Searchbase defines the starting point for the search in the directory tree. A valid Searchbase would be for example: "dc=klu,dc=augmensys"

LDAPGroup

LDAPGroup is a referenceproperty in which the belonging LDAPGroup object needs to get dragged in


LDAPGroup Object

BaseDN

The BaseDN defines the starting point for the search of users of a certain User Group. A valid BaseDN would be for example: "ou=people,dc=klu,dc=augmensys"

GroupIdentifier

The GroupIdentifier acts as a Filter and is the key element in defining the criteria used to identify entries in search requests. A valid Filter would be: "(&(objectClass=inetOrgPerson)(objectClass=top))"

LDAPService

LDAPService is a referenceproperty in which the belonging LDAPService object needs to get dragged in.


==LDAP Service==

BaseproviderURL

The url to a LDAP Server you want to authenticate against. A valid LDAP url looks like this: "LDAP://192.168.1.75:389"

Principal

If not defined differently, to authenticate against a LDAP Server you need a Service Account which has the rights to look up the specified LDAP Server. A valid DN belongs into the Principal property, for example: "cn=admin,dc=klu,dc=augmensys"

Credentials

The password for the Service Account.

Searchbase

The Searchbase defines the starting point for the search of the Admin User in the directory tree. A valid Searchbase would be for example: "dc=klu,dc=augmensys"