How to Authenticate GroupWise Users to Active Directory using LDAP

Retain is setup to archive from GroupWise, yet the e-mail system has changed to Exchange, or Office 365. Users still want to authenticate via LDAP, but go through Active Directory to view their archived messages.  

How do you authenticate using GroupWise users to Active Directory LDAP?

1.     Update to Retain 4.3. Previous versions of Retain do not have the ability to authenticate via LDAP with Active Directory. For previous versions, please contact support. 

2.     Go into the GroupWise module | Configure | LDAP

3.     Fill out the LDAP information to connect to the Active Directory. Save the changes. 

4.     Stop the Retain-tomcat service. 

5.     Navigate to the [Linux]: /opt/beginfinite/retain/RetainServer/WEB-INF/classes/config directory.

                                   [Windows]: C:\Program Files\beginfinite/retain/RetainServer/WEB-INF/classes/config directory.      

      6. Edit the file: misc.properties

      7. Look for the lines that read:  

                        custom.ldap.enable=0
                        custom.ldap.debug=1
                        custom.ldap.class=com.gwava.authenticate.gw.CustomLDAPAuthenticatorMethod 

      8. Change the custom.ldap.enable=0  to 1

      9. Change the custom.ldap.class line to:
         custom.ldap.class=com.gwava.authenticate.gw.AlternativeGWLDAPAuthentication

     10. Save the file. Restart Tomcat. 

Users can log in via the GroupWise credentials, however, if the users have never logged into Retain with GroupWise they will not be able to view their archives since GroupWise no longer exists. Authenticating via LDAP to Active Directory remedies that issue and allows users to view their archived messages

·         Make a copy of the misc.properties before editing in case the file needs to be restored, or referred to for any reason. 

·         The LDAP authentication only works if the user's e-mail matches both in GroupWise and Exchange.