LDAP Authentication to Active Directory

  • 7022552
  • 12-Jan-2018
  • 12-Jan-2018

Environment

Retain Unified Archiving 4.3+

Situation

How can Retain authenticate users to LDAP that is on Active Directory?

Resolution

Using the GroupWise e-mail addresses stored in the Retain database, Retain can use LDAP to connect to Active Directory and have users authenticate to view their archived messages. The following conditions must be met in order to authenticate to LDAP with Active Directory.

  • The user must exist in GroupWise and have archives in Retain. 
  • Retain 4.3 or above must be installed. 
  • The e-mail addresses on Exchange/Office365 and GroupWise must be the same. New users in Exchange/Office 365 that do not have a GroupWise counterpart will not be able to authenticate.

Once the conditions have been met, proceed with setting up LDAP authentication against Active Directory in Retain:

  1. Set up LDAP in the GroupWise Module

a.     Go to Module Configuration | Configure (GroupWise Module) | LDAP

b.    Enable the Email Address lookup and fill in the fields with the Active Directory information.

  2. Go to the /opt/beginfinite/retain/RetainServer/WEB-INF/classes/config directory (on Windows: C:\Program Files/Beginfinite/retain/RetainServer/WEB-INF/classes/config)

a.     Edit the misc.properties file.

Note: It is highly recommended to make a copy of the misc.properties file before making any changes.

b.    Look for the custom.ldap lines and use the example below to make the changes to enable the Active Directory lookup. 

custom.ldap.enable=1
custom.ldap.debug=1
custom.ldap.class=com.gwava.authenticate.gw.AlternativeGWLDAPAuthentication
custom.ldap.useuid=0
custom.ldap.applicationuid=0
custom.ldap.emailsystem=exchange
custom.ldap.attributes.requested=mail
custom.ldap.attributes.bind=email
 

c.    Save the file.

d.    Restart Tomcat.

Once these settings are in place, users only need to use their e-mail address to log in to Retain and they will be able to view their archives. Retain will do a check to see if the GroupWise e-mail matches with that of the Exchange/Office365 e-mail and log them in if found.
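
The following check is an added example, not part of the original article or of Retain itself. It compares the custom.ldap lines in a misc.properties file literally against the values shown above and reports anything missing, different or duplicated. It assumes simple key=value lines and that the last duplicate of a key wins, as with java.util.Properties; how Retain actually loads the file is not stated in the article. The sample text is constructed.

```python
import sys
from pathlib import Path

# Values copied from the article's example block.
EXPECTED = {
    "custom.ldap.enable": "1",
    "custom.ldap.debug": "1",
    "custom.ldap.class": "com.gwava.authenticate.gw.AlternativeGWLDAPAuthentication",
    "custom.ldap.useuid": "0",
    "custom.ldap.applicationuid": "0",
    "custom.ldap.emailsystem": "exchange",
    "custom.ldap.attributes.requested": "mail",
    "custom.ldap.attributes.bind": "email",
}

# Constructed sample of a half-edited file (not taken from a real installation).
SAMPLE = """\
#custom.ldap.enable=1
custom.ldap.debug=1
custom.ldap.class=com.gwava.authenticate.gw.AlternativeGWLDAPAuthentication
custom.ldap.useuid=1
custom.ldap.useuid=0
custom.ldap.applicationuid=0
custom.ldap.emailsystem=exchnage
custom.ldap.attributes.requested=mail
custom.ldap.attributes.bind=email
"""

def check_ldap_settings(text):
    """Return a list of problems; an empty list means the file matches the article."""
    seen = {}
    for line in map(str.strip, text.splitlines()):
        key, sep, value = line.partition("=")
        if sep and line[0] not in "#!":          # skip comments and non key=value lines
            seen.setdefault(key.strip(), []).append(value.strip())
    problems = []
    for key, want in EXPECTED.items():
        values = seen.get(key, [])
        if not values:
            problems.append(f"{key}: missing or commented out")
        elif values[-1] != want:                 # assumption: the last duplicate wins
            problems.append(f"{key}: is {values[-1]!r}, expected {want!r}")
        elif len(values) > 1:
            problems.append(f"{key}: defined {len(values)} times")
    return problems

if __name__ == "__main__":
    text = Path(sys.argv[1]).read_text() if len(sys.argv) > 1 else SAMPLE
    print("\n".join(check_ldap_settings(text)) or "custom.ldap settings match")
```

Run it with the path to misc.properties as the only argument after saving the file and before restarting Tomcat; with no argument it checks the constructed sample.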