2 Replies Latest reply: May 27, 2013 2:22 AM by Craig Botha (IBP) RSS

    EDQ authentication through Novell

    Craig Botha (IBP)
      We are currently using AD as our authentication platform for EDQ. We need to set up additional configurations for authentication through Novell. Has anybody done this? What is different from the AD configuration?

      Thanks
      Craig
        • 1. Re: EDQ authentication through Novell
          Mike-Matthews-Oracle
          Hi Craig,

          Apologies for the late response on this. I believe an SR has been logged, and a response will be available on the SR very shortly.

          Some basic notes are as follows. The examples files are missing below (but will be on the SR):

          EDQ does not have out of the box support for Novel eDirectory. However it can be configured easily. To do this, you need to define a ‘realm’ with connection details for the eDirectory server and an associated ‘profile’ defining the LDAP search filters and attributes to use with the eDirectory.

          All this information can be added to the login.properties file but it is sometimes simpler to define the information in separate files. Realm information can be define in files in the realms subdirectory of the security directory and profile information can be stored in the profiles subdirectory.

          These are the steps:

          1. In the login.properties file, add a realm ‘edir’ to the realms list:

          realms = internal,...,edir

          2. Create a directory realms in the security directory and store the attached edir.properties there. Amend the file with:

          •     The LDAP server address. The example file has 10.8.1.182.
          •     The correct LDAP domain information. The example file users the domain o=rde
          •     The DN and password of the user used to connect to LDAP. The example has cn=rde,ou=users,o=rde
          •     The LDAP group used to contain EDQ users. The example has testgroup
          •     If the server has a certificate installed, uncomment the ‘ldap.security’ line to enable SSL connections

          3. Create a directory profiles in the security directory and save the attached novell.properties there. This file is suitable for a standard eDirectory setup and should not need any changes. It assumes:

          •     An objectClass of inetOrgPerson for users
          •     An objectClass of groupOfNames for groups
          •     The unique ID of user and group entries is the GUID attribute

          The profile can be tweaked if these assumptions are not correct.

          Regards,

          Mike
          • 2. Re: EDQ authentication through Novell
            Craig Botha (IBP)
            Thanks Mike

            I got the files. I'm having some other issues (not sure if they are related), but will log them as a follow up SR.

            Kind regards
            Craig