4.2 Setup preparations when using Active Directory for user authentication
If you want to use Active Directory for user authentication, you must first change the property ucnp.setup.server.ldap.directory.kind in the user setup property file (ucnp_setup_user.properties) from its default value to AD.
Then, by contacting the Active Directory administrator or by other means, gather the information listed below. The name of the corresponding property in the user setup property file is indicated in parentheses.
-
Communication protocol of the Active Directory (ucnp.setup.server.ldap.protocol)
This information must be specified when LDAPS is used for the communication protocol.
-
Name of the Active Directory server (ucnp.setup.server.ldap.hostname)
-
Port number to use when connecting to Active Directory (ucnp.setup.server.ldap.port)
-
Distinguished name (DN) of the Active Directory authenticator user (ucnp.setup.server.ldap.java.naming.security.principal)
-
Active Directory authenticator password (ucnp.setup.server.ldap.java.naming.security.credentials)
-
Base DN to start searching for Active Directory user (ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.basedn)
The value specified here must refer to a node that is above the user to be authenticated and that can be searched by Active Directory.
-
Base DN to start searching for Active Directory group (ucnp.setup.server.ldap.group.basedn)
The value specified here must refer to a node that is above the group to be used in the Navigation Platform access permission settings and that can be searched by Active Directory.
In cases where you want to specify a value other than the default, or the settings need to be configured explicitly, change the values of properties listed in parentheses. For details about the values specified for each property, see 8.3.3 Details about the properties in the user setup property file.