1. Create a file (let's say MyLdapUserStore.xml) in IS_HOME/repository/conf/deployment/server/userstores
2. Copy and paste the following lines [1] into the file and change them to match your LDAP server, e.g. server IP, port, UserSearchBase, GroupSearchBase, etc.
3. Save the file. Make sure the file name is the same as the DomainName property (i.e. Property name="DomainName" MyLdapUserStore) in the UserStoreManager config [1]
4. Import the LDAP server's certificate into the client truststore at IS_HOME/repository/resources/security/client-truststore.jks
5. Start the server and check 'User Store Management' in the management console; you will see the user store you created. If you also look at the 'Users' section, you will see your user store's domain listed in the 'Select Domain' combo box
[1]
org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager WSO2.TEST MyLdapUserStore false false ldaps:// : CN=Administrator,CN=Users,DC=wso2,DC=test xxxxxx PLAIN_TEXT CN=Users,DC=wso2,DC=test user cn false 512 (objectClass=user) (&(objectClass=user)(cn=?)) [a-zA-Z0-9._-|//]{3,30}$ ^[\S]{3,30}$ ^[\S]{5,30}$ ^[\S]{3,30}$ [a-zA-Z0-9._-|//]{3,30}$ true true true CN=Users,DC=wso2,DC=test group cn cn CN=Users,DC=wso2,DC=test groups (object=organizationalUnit) ou organizationalUnit member (objectcategory=group) (&(objectClass=group)(cn=?)) true follow true 100 100
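A pre-deployment check for steps 3 and 4, added here as an example and not part of the original post: it confirms the file name matches DomainName and that the connection uses ldaps before the file is dropped into the userstores directory. The sample XML is constructed, the host, port and class value are placeholders, and the ConnectionURL property name is an assumption since the post does not show it.

```python
import xml.etree.ElementTree as ET
from pathlib import Path
from urllib.parse import urlsplit

# Constructed sample (not from the post): class, host and port are placeholders.
SAMPLE = """<UserStoreManager class="org.example.PlaceholderUserStoreManager">
  <Property name="DomainName">MyLdapUserStore</Property>
  <Property name="ConnectionURL">ldaps://ldap.example.test:636</Property>
  <Property name="UserSearchBase">CN=Users,DC=wso2,DC=test</Property>
  <Property name="GroupSearchBase">CN=Users,DC=wso2,DC=test</Property>
</UserStoreManager>"""

# ConnectionURL is an assumed property name; the others appear in the post.
REQUIRED = ("DomainName", "ConnectionURL", "UserSearchBase", "GroupSearchBase")


def check_userstore(file_name, xml_text):
    """Return a list of problems; an empty list means all checks passed."""
    try:
        # The file is local and admin-authored, so the stdlib parser is used.
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    props = {p.get("name"): (p.text or "").strip() for p in root.iter("Property")}
    problems = [f"missing or empty property: {n}" for n in REQUIRED if not props.get(n)]
    # Step 3: the file name (without .xml) must equal the DomainName value.
    domain = props.get("DomainName", "")
    if domain and Path(file_name).stem != domain:
        problems.append(f"file name {file_name!r} does not match DomainName {domain!r}")
    # Step 4 only protects the bind if the connection is actually LDAP over TLS.
    url = props.get("ConnectionURL", "")
    if url:
        parts = urlsplit(url)
        if parts.scheme.lower() != "ldaps":
            problems.append(f"ConnectionURL scheme is {parts.scheme!r}, expected 'ldaps'")
        if not parts.hostname:
            problems.append("ConnectionURL has no host")
    return problems


if __name__ == "__main__":
    for line in check_userstore("MyLdapUserStore.xml", SAMPLE) or ["OK"]:
        print(line)
```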