LDAP authentication is the mechanism that allows users to authenticate into Clarive by checking their passwords against an LDAP database.
The advantage of using LDAP authentication is that passwords do not need to be stored in Clarive, but are instead held centrally on an LDAP server.
Access to Clarive environment configuration files is necessary in order to set up the LDAP authentication mechanism. These are YAML files, and accessing them is detailed at http://docs.clarive.com/setup/config-file
Under the key
baseliner: authentication: ldap: we configure the LDAP binding credentials and server information:
baseliner: authentication: ldap: credential: class: Password password_field: password password_type: self_check store: binddn: uid=<ldap-user-id>,ou=XXXXX,o=XXXXXX bindpw: <bind-password> ldap_server: <server-ip> ldap_server_options: port: 1389 timeout: 30 use_roles: 0 user_basedn: ou=XXXXXXXXXX,ou=XXXXXXXXXX,o=XXXXXXX,o=XXXXXXX user_field: uid user_filter: (&(objectclass=person)(uid=%s))
Some of the fields that are required:
binddn- Contains the user id and its domain namespace.
bindpw- The password.
ldap-server- The IP of the LDAP server.
user_basedn- The domain namespace where the user names are found.
user_field- The LDAP field that cointains the user.
user_filter- Used to parse the user id from the LDAP information.