9 Replies Latest reply on Oct 28, 2010 9:34 PM by nexus-renz

    LDAP Settings for Webgateway 7

      I'm tring to configure web Gate way 7 for remote LDAP configuration, and can not get it to work at all, the Product guid is HIGHLY lacking in detailed information (such as the proper format for OU mapping).. Can any one give me a step by step guid for the external database connection for administrators authentication, and for user authentication?

       

      Also if there is a more detailed administrators guide could some one send me a link?

        • 1. Re: LDAP Settings for Webgateway 7

          Have you used LDAP in a previous version ?

           

          We are using LDAP on V6.8.6.

           

          You need to setup the LDAP server IP address, LDAP username with the correct ou mapping eg, cn=wwuser,ou=admin,o=company, password, Base DN to Users eg ou=users,o=company

          We are using eDirectory LDAP so we have a lookup filter:

           

          (&(ObjectClass=user)(loginTime>=%u))

           

          and a Novell eDirectory network address attribute of:

           

          NetworkAddress loginTime

          This will ask the LDAP server for each User logged in, their network address and their login time.

           

          Let me know if that helps.

           

          Regards

           

          Drew

          • 2. Re: LDAP Settings for Webgateway 7
            Troja

            Witch Version of Webgateway 7 are you using? Are you using Server 2003, Server 2008 or Server 2008R2

            It´s working fine within my WW7 Cluster.

             

            Authentication Server Details.

             

            ldap Server String: ldap://192.x.x.x:389

            Credentials: cn=Administrator,cn=Users,dc=testdomain,dc=test

            Enable LDAP version 3 is enabled

            Base distinguished name for user objects: dc=testdomain,dc=test

            Map user dame to DN: is enabled

            Filter expression: (samaccountname=%u)

            Get user attributes: is enabled

            User attributes to retreive: cn

            Get group attributes: is enabled

            Base distinguished name for group objects: dc=testdomain,dc=test

            Group attributes to retreive: cn

             

            Now you only have to define the Group mappings under Role mapping.

             

            cheers, Thorsten

            • 3. Re: LDAP Settings for Webgateway 7

              Troja,

              Thanks That was what I was looking for, If you don't mind I have another quick question, in requards to LDAP authentication;

              are the settings the same for User Authentication to LDAP (User Database)

              • 4. Re: LDAP Settings for Webgateway 7
                Troja

                Here are some screenshots.... Hope this helps

                Note, when logging on, dont use your Domain Name in front of your user name or your FQDN.

                 

                Cheers, Thorsten

                1 of 1 people found this helpful
                • 5. Re: LDAP Settings for Webgateway 7

                  Troja

                  Thank you immensely for your help, I was able to get everything configured

                  • 6. Re: LDAP Settings for Webgateway 7

                    Keep in mind that eDirectory "Authentication" is different than LDAP authentication.

                     

                    True LDAP authentication binds the username and password and tries to actually logon to the LDAP server.

                     

                    eDirectory "Authentication" has a service account that queries eDir with the IP address of the client and eDir responds back with a user of the person last seen at that IP address.

                     

                    I just wanted to make that distiction, but glad to hear you got it working.

                     

                    • 7. Re: LDAP Settings for Webgateway 7
                      Troja

                      Hi Erik,

                      will be eDirectory Authentication possible for managing administrative Accounts?

                      Best regards,

                      Thorsten

                      • 8. Re: LDAP Settings for Webgateway 7

                        If that is all you want to do, then yes. Use LDAP authentication for that.

                        I was unlcear on which authentication you were referring to. I thought you meant proxy user authentication.

                         

                        LDAP authentication should work fine for administration.

                         

                        • 9. Re: LDAP Settings for Webgateway 7

                          Hi,

                           

                          I am also having problem with LDAP settings, but this time it is on the proxy authentication. The configuration page is the same as with the proxy authentication, and I applied the recommended setting as specified above, but it is still not working... Can you please provide me information on how to set this up properly, I could not find any information in the product guide and in the KBs about this. Thanks!

                           

                          Renz