Support for external authentication via non-Microsoft LDAP servers
User is unable to access ALM via external authentication other than Microsoft LDAP
Previous versions of ALM only support Microsoft LDAP. ALM uses "userAccountControl", which is a Microsoft LDAP specific attribute. This attribute is not commonly used by other LDAP products.
To support different LDAP servers, add the following site parameters:
EXTERNAL_VALIDATE_ATTR_IN_LDAP: Set the LDAP attribute to validate the user according to your LDAP server configuration.
EXTERNAL_VALIDATE_ATTR_TRUE_VALUE: Set the LDAP attribute value to indicate that the user is active in ALM (for example, 'TRUE').
If EXTERNAL_VALIDATE_ATTR_IN_LDAP is not set, ALM uses the âuserAccountControlâ attribute.
If EXTERNAL_VALIDATE_ATTR_IN_LDAP is set, ALM uses this attribute and compares its real value with EXTERNAL_VALIDATE_ATTR_TRUE_VALUE, if the 2 values match, the authentication succeeds, otherwise it fails.