Content Gateway Security > Content Gateway user authentication > LDAP authentication
|
If rule-based authentication will be used, configure LDAP authentication through the Rule-Based Authentication option. However, read this section to become familiar with LDAP features and restrictions.
|
1.
|
Go to Configure > My Proxy > Basic > General.
|
2.
|
4.
|
Go to Configure > Security > Access Control > LDAP.
|
6.
|
7.
|
Enable Secure LDAP if you want the proxy to use secure communication with the LDAP server. Secure communication is performed on port 636 or 3269. Change the port value in the previous field, if necessary.
|
|
Microsoft Active Directory (sAMAccountName) sets the type to sAMAccountName (default).
|
|
Microsoft Active Directory (userPrincipalName) sets the type to userPrincipalName.
|
|
Other sets the type to uid for eDirectory or other directory services.
|
9.
|
Enter the Bind Distinguished Name (fully qualified name) of a user in the LDAP-based directory service. For example:
|
11.
|
Enter the Base Distinguished Name (DN). Obtain this value from your LDAP administrator.
|
12.
|
Click Apply.
|
13.
|
|
1.
|
When modifying this value, you must update the value of proxy.config.ldap.cache.size proportionally. For example, if you double the storage size, also double the cache size.
Modifying this variable without modifying proxy.config.ldap.cache.size causes the LDAP subsystem to stop functioning.
|
4.
|
From the Content Gateway bin directory (/opt/WCG/bin), run content_line -L to restart the proxy on the local node or content_line -M to restart the proxy on all the nodes in a cluster.
|
1.
|
2.
|
Add following entry to records.config:
|
3.
|
Navigate to Configure > Security > Access Control > LDAP and change the port to 3269.
|
Content Gateway Security > Content Gateway user authentication > LDAP authentication
|