To use the ES security information in LDAP, you will need to configure ES security:
- Create one or more Security Managers to connect to your LDAP server. You need to set various attributes for these managers:
- The module name to
mldap_esm
- The connection path to ldap://servername (or ldaps://servername to use an SSL-secured connection, if your LDAP client and server support SSL)
- The authorized ID and password to the name (usually a DN) and password of an account that has at least read permission for the ES objects in the directory
- In the Configuration Information area, you will probably need to add a number of directives to alter the default behavior, for container DNs, user class, and so forth. For example, when using Windows users for ES, a typical configuration would be:
[LDAP]
base=domain-DN
user container=CN=users
group container=CN=Enterprise Server User Groups,CN=Micro Focus,CN=Program Data
resource container=CN=Enterprise Server Resources,CN=Micro Focus,CN=Program Data
user class=user
[Verify]
mode=bind
password type=AD
- Alter the security configuration for MF Directory Server, ES Default Security, and/or specific ES servers to use your new Security Manager
See
MLDAP ESM Module for information on configuring the module to match your AD setup.