Configuring Teaming 1.x to use LDAP authentication/synchronization against Active Directory

  • 7002897
  • 02-Apr-2009
  • 27-Apr-2012

Environment

Products:
Novell Teaming 1.0
Novell Teaming 1.0 Support Pack 1
Novell Teaming 1.0 Support Pack 2
Novell Teaming 1.0 Support Pack 3

Configuration:
Novell Teaming is installed correctly.

Situation

Purpose:
The purpose of this document is to show how to get Teaming 1.x to perform LDAP authentication and synchronization against Active Directory. Before using this TID, read the Novell Teaming Documentation on configuring LDAP.

Resolution

There are two locations within Teaming that must be configured for LDAP. 

The first is in the Liferay Administration portlet, which deals with authentication.

This configuration is under the Settings, Authentication, LDAP, Connection Settings tab.
In this section provide the following:
 
Base Provider URL - LDAP server IP address or DNS name (example: ldap://ldap.server.com:389)
Base DN - Where to start searching from (example: ou=something)
Principal - AD user ID that can log in and search through AD
Credentials - Password for the Principal

Then provide an LDAP search filter that identifies users (this replaces the default (uid=@screen_name@)):

(&(objectClass=person)(sAMAccountName=@screen_name@))

Then provide a list of attributes in Liferay and the equivalent attributes being pulled from AD via LDAP:

screenName=sAMAccountName
emailAddress=email
firstName=givenName
lastName=sn
jobTitle=title

Note: It is best to use a simple LDAP browser to connect to AD via LDAP and look up the attribute names.


The second location is the Novell Teaming Administration portlet under the "Configure LDAP" option.

Expand the Connection section and provide the following information:

URL - LDAP server IP address or DNS name and Base DN (example: ldap://ldap.server.com:389/o=something)
Principal - AD user ID that can log in and search through AD
Credentials - Password for the Principal

Do not fill in the Search DN unless the groups are in a different Base DN than the users.

Then provide an LDAP attribute that identifies the users (this replaces the default of "uid"):

sAMAccountName

Then provide a list of attributes in Teaming and the equivalent attributes being pulled from AD via LDAP:

emailAddress=email
firstName=givenName
lastName=sn
jobTitle=title
phone=telephoneNumber

Note: It is best to use a simple LDAP browser to connect to AD via LDAP and look up the attribute names.
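
An offline pre-check for the Liferay search filter and the attribute lists above, added here as an example (it is not Novell or Liferay code). It expands the filter for a test screen name with RFC 4515 escaping, as you would when trying the filter by hand in an LDAP browser, and reports mapped attribute names that an entry does not carry. The sample entry is constructed (it carries mail rather than email so that one name is reported), and the function names are hypothetical.

```python
# Added example: constructed data; not Novell or Liferay code.
FILTER_TEMPLATE = "(&(objectClass=person)(sAMAccountName=@screen_name@))"

# Attribute list from the Liferay section of this document.
LIFERAY_MAPPING = """\
screenName=sAMAccountName
emailAddress=email
firstName=givenName
lastName=sn
jobTitle=title
"""

# Constructed entry: attribute names as an LDAP browser might list them.
SAMPLE_ENTRY = {
    "sAMAccountName": ["jsmith"],
    "mail": ["jsmith@example.com"],
    "givenName": ["John"],
    "sn": ["Smith"],
    "title": ["Engineer"],
    "telephoneNumber": ["+1 555 0100"],
}


def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def build_filter(screen_name, template=FILTER_TEMPLATE):
    """Expand @screen_name@ for a manual test search, escaping the value."""
    return template.replace("@screen_name@", escape_filter_value(screen_name))


def parse_mapping(text):
    """Parse 'field=ldapAttribute' lines into a dict."""
    mapping = {}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        field, sep, attr = line.partition("=")
        if not (sep and field.strip() and attr.strip()):
            raise ValueError("not a field=attribute line: %r" % line)
        mapping[field.strip()] = attr.strip()
    return mapping


def missing_attributes(mapping, entry):
    """Fields whose mapped attribute is absent from the entry (case-insensitive)."""
    present = {name.lower() for name in entry}
    return sorted(f for f, a in mapping.items() if a.lower() not in present)


if __name__ == "__main__":
    print(build_filter("jsmith"))
    print(missing_attributes(parse_mapping(LIFERAY_MAPPING), SAMPLE_ENTRY))
```

Replace SAMPLE_ENTRY with the attribute names the LDAP browser shows for a real user before relying on the result.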