To use the ES security information in LDAP, you will need to configure ES security:
- Create one or more Security Managers to connect to your LDAP server. On the
Add Security Manager page, you need to set various attributes for these managers:
- From the
Enterprise Server Administration home page, click
Security on the left pane.
This opens the
Configure Security Options page.
- On the
Security Managers tab, click
Add.
This opens the
Add Security Manager page.
- Type a descriptive name in the
Name field.
- Type
mldap_esm in the
Module field.
- Type the connection path and port number to your LDAP server in the
Connection Path field.
Note: ldap://servername or
ldaps://servername to use an SSL-secured connection, if your LDAP client and server support SSL.
- Type the credentials that the MLDAP ESM module requires to connect, in the
Authorized ID and
Password fields.
The user should have read, write and modify access to the Enterprise Server user, group and resource objects in the LDAP repository.
- The
Cache limit parameter is currently ignored by the ESM Module.
- The
Cache TTL parameter is currently ignored by the ESM Module.
- Type a description in the
Description field.
- In the
Configuration Information field, add a number of directives to alter the default behaviour. Configure this for your particular LDAP repository. A typical
configuration would be:
[LDAP]
base=CN=Micro Focus,CN=Program Data,DC=somecorp,DC=com
user container=CN=user-container
group container=CN=group-container
resource container=CN=resource-container
[Verify]
Mode=MF-hash
- Click
Add.
This adds the security manager to the
Security Manager Pool.
- Alter the security configuration for MF Directory Server, ES Default Security, and/or specific ES servers to use your new
Security Manager
See
MLDAP ESM Module for information on configuring the module to match your AD setup. Also, see
Configuring the ESF LDAP Security Administration Web Interface for an example use of the configured security manager.