Configure portal with LDAP

From Gcube Wiki
Jump to: navigation, search

Configure LDAP directory in liferay portal for import/export of users

Once portal is up and running, in order to synchronize liferay users with LDAP the following configuration needs to be performed with administrator privileges on the portal.

Login as portal administrator and navigate to Control Panel>Settings>Authentication>LDAP

Configure the following:

  • Enabled: true
  • Required: false(if set to true, users will be authenticated against LDAP directory)

Configure "Connection" section as follows to connect with

  • Base Provider URL: ldap://
  • Base DN: dc=research-infrastructures,dc=eu
  • Principal: cn=d4sadmin,ou=System,dc=research-infrastructures,dc=eu
  • Credentials: <<appropriate credentials>>

Configure "Users" section as follows

  • Authentication Search Filter: (uid=@screen_name@)
  • Import Search Filter: (objectClass=inetOrgPerson)

Configure "User Mapping" section as follows

  • Screen Name: uid
  • Password: userPassword
  • Email Address: mail
  • Full Name: cn
  • First Name: givenName
  • Last Name: sn

Configure "Import / Export" section as follows

  • Import Enabled: true (This setting imports all users in LDAP into the LR portal DB)
  • Import on Startup Enabled: true
  • Import Interval: 10 Minutes (periodic checking for new users in LDAP, that subsequently will be imported to LR portal DB)
  • Export Enabled: true (This setting exports users as and when they are registered/created in LR portal to LDAP)
  • Users DN: ou=People,o=Liferay,ou=Organizations,dc=research-infrastructures,dc=eu
  • User Default Object Classes: top,person,inetOrgPerson,organizationalPerson

Do not forget to *SAVE* the settings once they are done. All the fields other than what is mentioned above should be left blank.