Follow

Traverse: Authenticate against windows active directory (ldap)

Traverse provides customizable framework for validating login user name and passwords against external source, including Radius, Kerberos, LDAP, etc. The "External Authentication" section of Traverse Developer's Guide (available from http://zyrion.com/support/docs/) provides detailed information regarding how to leverage this feature. Here is a sample script that can be used to authenticate against Active Directory. Please review above document for limitations.

In order to use this script, extract the script from the attached ZIP archive and place it under plugin/auth directory on the BVE server. It may be necessary to install Net::LDAP and Getopt::Long Perl modules if not available on the server already:

Code:
(Linux/Solaris)
su
perl -MCPAN -e 'install Net::LDAP'
perl -MCPAN -e 'install Getopt::Long'
Next, edit etc/emerald.xml and remove/comment out (enclose in <!-- -->) the following section:

Code:
<authentication method="des"
class=""
execute=""
parameters=""
timeout=""
/>
and add the following configuration block in it's place:

Code:
<authentication
method="script"
class=""
execute="ldap_auth.pl"
parameters="--server n.n.n.n --user ${username} --password ${password} --domain myCompany.com"
/>
Replace n.n.n.n with the IP address of the Domain Controller and myCompany.com with the local AD domain name. Finally, restart the Web Application using "etc/webapp.init restart" on Linux/Solaris or Service Controller on Windows.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.