...
Code Block | ||||
---|---|---|---|---|
| ||||
<UserManager> <Realm> <Configuration> <AdminRole>admin</AdminRole> <AdminUser> <UserName>admin</UserName> <Password>XXXXXX</Password> </AdminUser> <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in thsi role sees the registry root --> <Property name="dataSource">jdbc/WSO2CarbonDB</Property> <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property> </Configuration> <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> <Property name="ConnectionURL">ldap://localhost:10389</Property> <Property name="ConnectionName">uid=admin,ou=system</Property> <Property name="ConnectionPassword">admin123</Property> <Property name="UserSearchBase">ou=system</Property> <Property name="UserNameListFilter">(objectClass=person)</Property> <Property name="UserNameAttribute">uid</Property> <Property name="ReadLDAPGroups">false</Property> <Property name="GroupSearchBase">ou=system</Property> <Property name="GroupNameSearchFilter">(objectClass=groupOfNames)</Property> <Property name="GroupNameAttribute">cn</Property> <Property name="MembershipAttribute">member</Property> </UserStoreManager> </Realm> </UserManager> |
...
- A sample file for Active Directory is given below:
Code Block | ||||
---|---|---|---|---|
| ||||
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>XXXXXX</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName>
<!-- By default users in thsi role sees the registry root -->
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property>
</Configuration>
<!-- Active directory configuration follows -->
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">>
<Property name="ConnectionURL">ldap://10.100.1.211:389</Property>
<Property name="ConnectionName">cn=Administrator,cn=users,dc=wso2,dc=lk</Property>
<Property name="ConnectionPassword">admin123</Property>
<Property name="UserSearchBase">cn=users,dc=wso2,dc=lk</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="GroupSearchBase">cn=users,dc=wso2,dc=lk</Property>
<Property name="GroupNameSearchFilter">(objectcategory=group)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
</UserStoreManager>
</Realm>
</UserManager> |
...
Step 1 : Back-up the <carbon-home>/repository/conf/user-mgt.xml file. A sample file for JDBC user store (user-mgt-jdbc.xml) is available in <carbon-home>/repository/conf directory . Download the relevant file and save it as <carbon-home><IS_HOME>/repository/conf/user-mgt.xml. Note the following in your file.
...
Step 2 : Find a valid user that resides in the RDBMS. For example, say a valid username is "AdminSOA". Update the Admin user section of your ldap configuration as follows. You don't have to update the password element; leave it as it is.
...
Step 6 : Enable JDBCTenantManager in <IS_HOME>/repository/conf/tenant-mgt.xml file, and comment-out the config section for CommonHybridLDAPTenantManager.
...