Ldap

From ADempiere
Revision as of 02:55, 24 March 2008 by Daniel.Norin (Talk)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
This Wiki is read-only for reference purposes to avoid broken links.

Adempiere can authenticate its users using LDAP. LDAP is a protocol that's understood by for instance Windows Active Directory servers.

How to set up LDAP/AD authentiaction in Adempiere

  • Login as SuperUser, Role SystemAdministrator.
  • Open Window from Menu: System Admin/General Rules/System Rules/System
    • Here You can find fields:
LDAP URL: LDAP Domain:
in LDAP URL You should put url to access Your AD: ldap://ad.example.com/
in LDAP Domain You should put namespace where You have user defintions: ou=people,dc=example,dc=com

With this You are pretty much set at system level (Well it would be nice if this would be on the Client level).

Now you should logout and login in role ClientAdmin for your client.

  • Open window from Menu: System Admin/General Rules/Security/User
  • Find user You want to be authenticated via LDAP.
You will find field: LDAP User Name Here You enter username (I think it is cn for AD) for this user in LDAP.

This should be it. Actually in code it creates something like this: username@domain

For OpenLDAP we have to change the code in file dbPort/src/org/compiere/db/LDAP.java from: 

StringBuffer principal = new StringBuffer (userName).append("@").append(domain);

to 

StringBuffer principal = new StringBuffer ("uid=").append(userName).append(",").append(domain);

As we use namespace uid=username,domain_string_from_system

Information contributed by Matjaz Godec (agenda_gm)

Retrieved from "http://www.adempiere.com/index.php5?title=Ldap&oldid=17165"