This section gives examples of how to set the exauth.properties file when using an LDAP directory server to perform authentication.
- When directly specifying information about an LDAP directory server (when linking to only an external authentication server)
    auth.server.type=ldap
    auth.server.name=ServerName
    auth.group.mapping=false
    auth.ocsp.enable=false
    auth.ocsp.responderURL=
    auth.ldap.ServerName.protocol=ldap
    auth.ldap.ServerName.host=ldap.example.com
    auth.ldap.ServerName.port=389
    auth.ldap.ServerName.timeout=15
    auth.ldap.ServerName.attr=sAMAccountName
    auth.ldap.ServerName.basedn=dc=Example,dc=com
    auth.ldap.ServerName.retry.interval=1
    auth.ldap.ServerName.retry.times=20
    auth.ldap.ServerName.dns_lookup=false
- When using the DNS server to look up an LDAP directory server (when linking to only an external authentication server)
    auth.server.type=ldap
    auth.server.name=ServerName
    auth.group.mapping=false
    auth.ldap.ServerName.protocol=ldap
    auth.ldap.ServerName.timeout=15
    auth.ldap.ServerName.attr=sAMAccountName
    auth.ldap.ServerName.basedn=dc=Example,dc=com
    auth.ldap.ServerName.retry.interval=1
    auth.ldap.ServerName.retry.times=20
    auth.ldap.ServerName.domain.name=EXAMPLE.COM
    auth.ldap.ServerName.dns_lookup=true
- When directly specifying information about the LDAP directory server (when also linking to an authorization server)
    auth.server.type=ldap
    auth.server.name=ServerName
    auth.group.mapping=true
    auth.ocsp.enable=false
    auth.ocsp.responderURL=
    auth.ldap.ServerName.protocol=ldap
    auth.ldap.ServerName.host=ldap.example.com
    auth.ldap.ServerName.port=389
    auth.ldap.ServerName.timeout=15
    auth.ldap.ServerName.attr=sAMAccountName
    auth.ldap.ServerName.basedn=dc=Example,dc=com
    auth.ldap.ServerName.retry.interval=1
    auth.ldap.ServerName.retry.times=20
    auth.ldap.ServerName.domain.name=EXAMPLE.COM
    auth.ldap.ServerName.dns_lookup=false
- When using the DNS server to look up the LDAP directory server (when also linking to an authorization server)
    auth.server.type=ldap
    auth.server.name=ServerName
    auth.group.mapping=true
    auth.ldap.ServerName.protocol=ldap
    auth.ldap.ServerName.timeout=15
    auth.ldap.ServerName.attr=sAMAccountName
    auth.ldap.ServerName.basedn=dc=Example,dc=com
    auth.ldap.ServerName.retry.interval=1
    auth.ldap.ServerName.retry.times=20
    auth.ldap.ServerName.domain.name=EXAMPLE.COM
    auth.ldap.ServerName.dns_lookup=true
- When using a redundant configuration
    auth.server.type=ldap
    auth.server.name=ServerName1,ServerName2
    auth.ldap.multi_domain=false
    auth.group.mapping=false
    auth.ldap.ServerName1.protocol=ldap
    auth.ldap.ServerName1.host=ldap1.example.com
    auth.ldap.ServerName1.port=389
    auth.ldap.ServerName1.timeout=15
    auth.ldap.ServerName1.attr=sAMAccountName
    auth.ldap.ServerName1.basedn=dc=Example,dc=com
    auth.ldap.ServerName1.retry.interval=1
    auth.ldap.ServerName1.retry.times=20
    auth.ldap.ServerName2.protocol=ldap
    auth.ldap.ServerName2.host=ldap2.example.com
    auth.ldap.ServerName2.port=389
    auth.ldap.ServerName2.timeout=15
    auth.ldap.ServerName2.attr=sAMAccountName
    auth.ldap.ServerName2.basedn=dc=Example,dc=net
    auth.ldap.ServerName2.retry.interval=1
    auth.ldap.ServerName2.retry.times=20
- When using a multi-domain configuration
    auth.server.type=ldap
    auth.server.name=ServerName1,ServerName2
    auth.ldap.multi_domain=true
    auth.group.mapping=false
    auth.ldap.ServerName1.protocol=ldap
    auth.ldap.ServerName1.host=ldap1.example.com
    auth.ldap.ServerName1.port=389
    auth.ldap.ServerName1.timeout=15
    auth.ldap.ServerName1.attr=sAMAccountName
    auth.ldap.ServerName1.basedn=dc=Example,dc=com
    auth.ldap.ServerName1.retry.interval=1
    auth.ldap.ServerName1.retry.times=20
    auth.ldap.ServerName1.domain=example.com
    auth.ldap.ServerName2.protocol=ldap
    auth.ldap.ServerName2.host=ldap2.example.com
    auth.ldap.ServerName2.port=389
    auth.ldap.ServerName2.timeout=15
    auth.ldap.ServerName2.attr=sAMAccountName
    auth.ldap.ServerName2.basedn=dc=Example,dc=net
    auth.ldap.ServerName2.retry.interval=1
    auth.ldap.ServerName2.retry.times=20
    auth.ldap.ServerName2.domain=example.net
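
A consistency check for files shaped like the samples above, given as an added example that is not part of the original page or the product. The rules are assumptions inferred from those samples (per-server keys for every name in auth.server.name, domain.name when dns_lookup=true, host and port otherwise, domain when multi_domain=true), and it assumes protocol=ldap means a connection without TLS; the function names and the sample file are constructed for illustration.

```python
def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def lint_exauth(text):
    """Return findings for an LDAP exauth.properties file (rules assumed from the samples)."""
    p = parse_properties(text)
    if p.get("auth.server.type") != "ldap":
        return ["auth.server.type is not ldap; LDAP checks skipped"]
    servers = [s.strip() for s in p.get("auth.server.name", "").split(",") if s.strip()]
    findings = [] if servers else ["auth.server.name lists no server"]
    multi = p.get("auth.ldap.multi_domain") == "true"
    for s in servers:
        pre = f"auth.ldap.{s}."
        required = ["protocol", "attr", "basedn"]
        # Assumption: DNS lookup needs domain.name; a direct connection needs host and port.
        if p.get(pre + "dns_lookup") == "true":
            required.append("domain.name")
        else:
            required += ["host", "port"]
        if multi:
            required.append("domain")  # the multi-domain sample sets one per server
        findings += [f"{s}: missing {pre}{k}" for k in required if not p.get(pre + k)]
        if p.get(pre + "protocol") == "ldap":
            findings.append(f"{s}: protocol=ldap (plain LDAP, no TLS to the directory server)")
    return findings

# Constructed sample: multi-domain file in which ServerName2 lacks host and domain.
SAMPLE = """\
auth.server.type=ldap
auth.server.name=ServerName1,ServerName2
auth.ldap.multi_domain=true
auth.ldap.ServerName1.protocol=ldap
auth.ldap.ServerName1.host=ldap1.example.com
auth.ldap.ServerName1.port=389
auth.ldap.ServerName1.attr=sAMAccountName
auth.ldap.ServerName1.basedn=dc=Example,dc=com
auth.ldap.ServerName1.domain=example.com
auth.ldap.ServerName2.protocol=ldap
auth.ldap.ServerName2.port=389
auth.ldap.ServerName2.attr=sAMAccountName
auth.ldap.ServerName2.basedn=dc=Example,dc=net
"""
print("\n".join(lint_exauth(SAMPLE)))
```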