Hitachi

JP1 Version 12 JP1/Automatic Operation Configuration Guide 


3.2.3 Registering information in the configuration file for external authentication server linkage

In the configuration file for external authentication server linkage (exauth.properties), register information necessary for Active Directory linkage.

The configuration file for external authentication server linkage is stored in the following folder:

Common-Component-installation-folder\conf or /opt/HiCommand/Base64/conf

Table 3‒5: Information that can be registered in the configuration file for external authentication server linkage

| Key name | Settings | Definition |
|---|---|---|
| auth.server.type | ldap (fixed) | Required |
| auth.server.name | Server identifier | Required |
| auth.group.mapping | true: Link groups. false: Do not link groups. | Required |
| auth.ldap.server-identifier.protocol | ldap: Performs communication by using plain text. tls: Performs communication by using StartTLS. | Required |
| auth.ldap.server-identifier.host | Host name or IP address of the LDAP directory server | Optional#1 |
| auth.ldap.server-identifier.port | Port number of the LDAP directory server | Optional |
| auth.ldap.server-identifier.timeout | Connection timeout period (seconds) for the LDAP directory server | Optional |
| auth.ldap.server-identifier.retry.interval | Interval (seconds) between retries, in the event of a failed connection to the LDAP directory server | Optional |
| auth.ldap.server-identifier.retry.times | Number of retries, in the event of a failed connection to the LDAP directory server | Optional |
| auth.ldap.server-identifier.domain.name | Domain name | Optional#2 |
| auth.ldap.server-identifier.dns_lookup | true: Use DNS to search for the LDAP directory server. false: Do not use DNS to search for the LDAP directory server. | Optional |

#1

You must specify this property if auth.ldap.server-identifier.dns_lookup is set to false.

If "tls" is specified for "auth.ldap.server-identifier.protocol", it is necessary to specify the same host name as the CN of the server certificate of the LDAP directory server. An IP address cannot be used.

#2

You must specify this property if either of the following conditions exists:

  • auth.group.mapping is set to true.

  • auth.ldap.server-identifier.dns_lookup is set to true, and auth.ldap.server-identifier.host is omitted.
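
The rules in Table 3‒5 and notes #1 and #2 can be checked before the file is deployed. The following checker is an added example, not part of the JP1 product or manual. It assumes that the value of auth.server.name replaces "server-identifier" in the key names, applies the notes only to values written in the file (no defaults are assumed for omitted keys), and uses constructed sample values (ad1, dc01.example.com, 192.0.2.10).

```python
import ipaddress
REQUIRED = ("auth.server.type", "auth.server.name", "auth.group.mapping")

def parse_properties(text):
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!":  # skip blank and comment lines
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_exauth(text):
    """Return findings for the rules in Table 3-5 and its notes #1 and #2."""
    p = parse_properties(text)
    findings = [f"missing required key {k}" for k in REQUIRED if not p.get(k)]
    sid = p.get("auth.server.name")
    if not sid:
        return findings
    pre = f"auth.ldap.{sid}."  # assumption: the identifier fills "server-identifier"
    proto, host = p.get(pre + "protocol"), p.get(pre + "host")
    dns, domain = p.get(pre + "dns_lookup"), p.get(pre + "domain.name")
    if proto not in ("ldap", "tls"):
        findings.append(pre + "protocol must be ldap or tls")
    elif proto == "ldap":
        findings.append(pre + "protocol=ldap communicates in plain text")
    if dns == "false" and not host:  # note #1
        findings.append(pre + "host is required when dns_lookup is false")
    if proto == "tls" and host and is_ip(host):  # note #1
        findings.append(pre + "host must match the certificate CN, not an IP")
    if not domain and (p.get("auth.group.mapping") == "true"
                       or (dns == "true" and not host)):  # note #2
        findings.append(pre + "domain.name is required")
    return findings

# Constructed sample files (not from the manual).
WEAK = """auth.server.type=ldap
auth.server.name=ad1
auth.group.mapping=true
auth.ldap.ad1.protocol=tls
auth.ldap.ad1.host=192.0.2.10
auth.ldap.ad1.dns_lookup=false
"""
FIXED = WEAK.replace("192.0.2.10", "dc01.example.com") + "auth.ldap.ad1.domain.name=example.com\n"
```

check_exauth(WEAK) reports the IP address used with tls and the missing domain name; check_exauth(FIXED) returns an empty list.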