Follow

Traverse: Authenticate against windows active directory (ldap)

Traverse provides customizable framework for validating login user name and passwords against external source, including Radius, Kerberos, LDAP, etc. The "External Authentication" section of Traverse Developer's Guide (available from http://help.kaseya.com/webHelp/EN/TV/9040000/DEV/#30295.htm) provides detailed information regarding how to leverage this feature. Here is a sample script that can be used to authenticate against Active Directory. Please review above document for limitations.

In order to use this script, extract the script from the attached ZIP archive and place it under plugin/auth directory on the BVE server. It may be necessary to install Net::LDAP and Getopt::Long Perl modules if not available on the server already:

win32_libs.zip (attached) contains the required libraries if needed. Please unzip them in C:\Program Files (x86)\Traverse\plugin\auth) and add the following line just above 'use File::Basename;' in the attached "ldap_auth.pl". If you have installed Traverse to the default location, 'C:/Program Files (x86)/Traverse' then the path should be as below. Otherwise please replace 'C:/Program Files (x86)/Traverse' with the path to your Traverse installation directory.

use lib "C:/Program Files (x86)/Traverse/plugin/auth/win32_libs";

Code:
(Linux/Solaris)
su
perl -MCPAN -e 'install Net::LDAP'
perl -MCPAN -e 'install Getopt::Long'
Next, edit etc/emerald.xml and remove/comment out (enclose in <!-- -->) the following section:

Code:
<authentication method="des"
class=""
execute=""
parameters=""
timeout=""
/>
and add the following configuration block in it's place:

Code:
<authentication
method="script"
class=""
execute="ldap_auth.pl"
parameters="--server n.n.n.n --user ${username} --password ${password} --domain myCompany.com"
/>
Replace n.n.n.n with the IP address of the Domain Controller and myCompany.com with the local AD domain name. Finally, restart the Web Application using "etc/webapp.init restart" on Linux/Solaris or Service Controller on Windows.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.