...
1. A sample user-mgt.xml configuration file for Active Directory is as follows:
```xml
<UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
    <Property name="ReadOnly">true</Property>
    <Property name="MaxUserNameListLength">100</Property>
    <Property name="ConnectionURL">ldap://10.100.1.211:389</Property>
    <Property name="ConnectionName">cn=Administrator,cn=users,dc=wso2,dc=lk</Property>
    <Property name="ConnectionPassword">admin123</Property>
    <Property name="UserSearchBase">cn=users,dc=wso2,dc=lk</Property>
    <Property name="UserNameListFilter">(objectClass=person)</Property>
    <Property name="UserNameAttribute">sAMAccountName</Property>
    <Property name="ReadLDAPGroups">true</Property>
    <Property name="GroupSearchBase">cn=users,dc=wso2,dc=lk</Property>
    <Property name="GroupNameListFilter">(objectcategory=group)</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="MemberOfAttribute">memberOf</Property>
    <Property name="Referral">follow</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="BackLinksEnabled">true</Property>
</UserStoreManager>
```
Note that this sample binds as the domain Administrator over plain ldap:// with the bind password stored in cleartext. For a real deployment, use a dedicated read-only bind account, an ldaps:// ConnectionURL, and restrict file-system permissions on user-mgt.xml.
2. Find a valid user that resides in the Directory Server. For example, let's say a valid user name is "AdminSOA." Update the Admin user section of your LDAP configuration as follows.
Note: You do not have to update the password element; leave it as it is.
...
The following properties control how roles are read from a back-link attribute (memberOf):
```xml
<Property name="ReadLDAPGroups">true</Property>
<Property name="GroupSearchBase">cn=users,dc=wso2,dc=lk</Property>
<Property name="GroupSearchFilter">(objectcategory=group)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MemberOfAttribute">memberOf</Property>
```
See detailed descriptions of each of the above-mentioned properties here.
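The following is an added example, not WSO2's own code, that shows what the properties in the sample configuration above and in the group section actually turn into at the directory: it parses a constructed copy of the UserStoreManager fragment, combines UserNameListFilter with UserNameAttribute (and GroupNameListFilter with GroupNameAttribute) into the search filters a lookup would issue, escapes the supplied name per RFC 4515 so a user name such as `*)(objectClass=*` cannot widen the filter, builds the equivalent `ldapsearch` command for verifying the settings before restarting the server, and flags the two weak settings in the sample. The function names, the `config_warnings` checks and the embedded XML are this example's assumptions, and the `ldapsearch` command is returned as a list rather than executed so the script runs offline.

```python
"""Added example (not part of the WSO2 page): derive the LDAP searches implied
by a user-mgt.xml UserStoreManager fragment, with RFC 4515 filter escaping."""
import xml.etree.ElementTree as ET

# Constructed sample: a copy of the Active Directory fragment shown on the page.
USER_MGT_XML = """
<UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
  <Property name="ReadOnly">true</Property>
  <Property name="ConnectionURL">ldap://10.100.1.211:389</Property>
  <Property name="ConnectionName">cn=Administrator,cn=users,dc=wso2,dc=lk</Property>
  <Property name="ConnectionPassword">admin123</Property>
  <Property name="UserSearchBase">cn=users,dc=wso2,dc=lk</Property>
  <Property name="UserNameListFilter">(objectClass=person)</Property>
  <Property name="UserNameAttribute">sAMAccountName</Property>
  <Property name="ReadLDAPGroups">true</Property>
  <Property name="GroupSearchBase">cn=users,dc=wso2,dc=lk</Property>
  <Property name="GroupNameListFilter">(objectcategory=group)</Property>
  <Property name="GroupNameAttribute">cn</Property>
  <Property name="MemberOfAttribute">memberOf</Property>
</UserStoreManager>
"""


def load_properties(xml_text):
    """Return the <Property name="...">value</Property> pairs as a dict."""
    root = ET.fromstring(xml_text)
    return {p.get("name"): (p.text or "").strip() for p in root.findall("Property")}


# RFC 4515 section 3: these characters must be hex-escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value):
    """Escape a value so it can only ever match literally, never alter the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def user_lookup_filter(props, username):
    """AND the configured list filter with an exact match on UserNameAttribute."""
    return "(&%s(%s=%s))" % (
        props["UserNameListFilter"], props["UserNameAttribute"], escape_filter_value(username))


def group_lookup_filter(props, group_name):
    """Same construction for groups, using GroupNameListFilter and GroupNameAttribute."""
    return "(&%s(%s=%s))" % (
        props["GroupNameListFilter"], props["GroupNameAttribute"], escape_filter_value(group_name))


def ldapsearch_command(props, base, ldap_filter, attrs):
    """The ldapsearch argv that reproduces the lookup with the configured bind DN.

    The password is deliberately not placed on the command line: -W makes
    ldapsearch prompt for it, so it does not leak through process listings.
    """
    return ["ldapsearch", "-H", props["ConnectionURL"], "-D", props["ConnectionName"],
            "-W", "-b", base, ldap_filter, *attrs]


def config_warnings(props):
    """Hypothetical hardening checks (this example's own, not WSO2's) on the fragment."""
    warnings = []
    if props.get("ConnectionName", "").lower().startswith("cn=administrator,"):
        warnings.append("bind account is the domain Administrator; use a dedicated read-only account")
    if props.get("ConnectionURL", "").startswith("ldap://"):
        warnings.append("plain ldap:// sends the bind password and results unencrypted; use ldaps://")
    return warnings


if __name__ == "__main__":
    props = load_properties(USER_MGT_XML)
    # The valid user from step 2 of the page, and an injection attempt for contrast.
    for name in ("AdminSOA", "*)(objectClass=*"):
        print(user_lookup_filter(props, name))
    print(" ".join(ldapsearch_command(
        props, props["UserSearchBase"], user_lookup_filter(props, "AdminSOA"), [props["MemberOfAttribute"]])))
    for w in config_warnings(props):
        print("WARNING:", w)
```

Running the script prints the filter for AdminSOA, the escaped form of the injection attempt, an `ldapsearch` invocation that returns the user's `memberOf` values (which is exactly what the back-link properties rely on), and the two warnings. Use the printed `ldapsearch` line against the real directory to confirm that UserSearchBase, the filters and the bind DN are right before restarting the server.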
Instructions on how to configure an external Active Directory User Store.