cancel
Showing results for 
Search instead for 
Did you mean: 
EQNish
Level 7

LDAP Settings for Webgateway 7

Jump to solution

I'm tring to configure web Gate way 7 for remote LDAP configuration, and can not get it to work at all, the Product guid is HIGHLY lacking in detailed information (such as the proper format for OU mapping).. Can any one give me a step by step guid for the external database connection for administrators authentication, and for user authentication?

Also if there is a more detailed administrators guide could some one send me a link?

0 Kudos
1 Solution

Accepted Solutions
Troja
Level 14

Re: LDAP Settings for Webgateway 7

Jump to solution

Witch Version of Webgateway 7 are you using? Are you using Server 2003, Server 2008 or Server 2008R2

It´s working fine within my WW7 Cluster.

Authentication Server Details.

ldap Server String: ldap://192.x.x.x:389

Credentials: cn=Administrator,cn=Users,dc=testdomain,dc=test

Enable LDAP version 3 is enabled

Base distinguished name for user objects: dc=testdomain,dc=test

Map user dame to DN: is enabled

Filter expression: (samaccountname=%u)

Get user attributes: is enabled

User attributes to retreive: cn

Get group attributes: is enabled

Base distinguished name for group objects: dc=testdomain,dc=test

Group attributes to retreive: cn

Now you only have to define the Group mappings under Role mapping.

cheers, Thorsten

0 Kudos
9 Replies

Re: LDAP Settings for Webgateway 7

Jump to solution

Have you used LDAP in a previous version ?

We are using LDAP on V6.8.6.

You need to setup the LDAP server IP address, LDAP username with the correct ou mapping eg, cn=wwuser,ou=admin,o=company, password, Base DN to Users eg ou=users,o=company

We are using eDirectory LDAP so we have a lookup filter:

(&(ObjectClass=user)(loginTime>=%u))

and a Novell eDirectory network address attribute of:

NetworkAddress loginTime

This will ask the LDAP server for each User logged in, their network address and their login time.

Let me know if that helps.

Regards

Drew

0 Kudos
eelsasser
Level 15

Re: LDAP Settings for Webgateway 7

Jump to solution

Keep in mind that eDirectory "Authentication" is different than LDAP authentication.

True LDAP authentication binds the username and password and tries to actually logon to the LDAP server.

eDirectory "Authentication" has a service account that queries eDir with the IP address of the client and eDir responds back with a user of the person last seen at that IP address.

I just wanted to make that distiction, but glad to hear you got it working.

0 Kudos
Troja
Level 14

Re: LDAP Settings for Webgateway 7

Jump to solution

Hi Erik,

will be eDirectory Authentication possible for managing administrative Accounts?

Best regards,

Thorsten

0 Kudos
eelsasser
Level 15

Re: LDAP Settings for Webgateway 7

Jump to solution

If that is all you want to do, then yes. Use LDAP authentication for that.

I was unlcear on which authentication you were referring to. I thought you meant proxy user authentication.

LDAP authentication should work fine for administration.

0 Kudos
nexus-renz
Level 7

Re: LDAP Settings for Webgateway 7

Jump to solution

Hi,

I am also having problem with LDAP settings, but this time it is on the proxy authentication. The configuration page is the same as with the proxy authentication, and I applied the recommended setting as specified above, but it is still not working... Can you please provide me information on how to set this up properly, I could not find any information in the product guide and in the KBs about this. Thanks!

Renz

0 Kudos
Troja
Level 14

Re: LDAP Settings for Webgateway 7

Jump to solution

Witch Version of Webgateway 7 are you using? Are you using Server 2003, Server 2008 or Server 2008R2

It´s working fine within my WW7 Cluster.

Authentication Server Details.

ldap Server String: ldap://192.x.x.x:389

Credentials: cn=Administrator,cn=Users,dc=testdomain,dc=test

Enable LDAP version 3 is enabled

Base distinguished name for user objects: dc=testdomain,dc=test

Map user dame to DN: is enabled

Filter expression: (samaccountname=%u)

Get user attributes: is enabled

User attributes to retreive: cn

Get group attributes: is enabled

Base distinguished name for group objects: dc=testdomain,dc=test

Group attributes to retreive: cn

Now you only have to define the Group mappings under Role mapping.

cheers, Thorsten

0 Kudos
EQNish
Level 7

Re: LDAP Settings for Webgateway 7

Jump to solution

Troja,

Thanks That was what I was looking for, If you don't mind I have another quick question, in requards to LDAP authentication;

are the settings the same for User Authentication to LDAP (User Database)

0 Kudos
Troja
Level 14

Re: LDAP Settings for Webgateway 7

Jump to solution

Here are some screenshots.... Hope this helps

Note, when logging on, dont use your Domain Name in front of your user name or your FQDN.

Cheers, Thorsten

0 Kudos
EQNish
Level 7

Re: LDAP Settings for Webgateway 7

Jump to solution

Troja

Thank you immensely for your help, I was able to get everything configured

0 Kudos