Versions Compared

Version Old Version 6 New Version 7
Changes made by

MS (Unlicensed)

MS (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Div
classtocc
Table of Contents

...

Div
classtinycode


Property

Default Value

Explanation _____________________________________________

abiquo.auth.module

abiquo

Whether Abiquo should authenticate only via Database or it should also authenticate against LDAP/Active Directory. Values: abiquo , ldap

abiquo.ldap.authentication.server.url

 

LDAP/Active Directory server URL

abiquo.ldap.authentication.server.port

389

LDAP/Active Directory port. In LDAP mode this property is required, even if the server is listening at the default LDAP/Active Directory port

abiquo.ldap.authentication.server.protocol

ldap

Protocol to be used when authenticating to a LDAP/Active Directory. Values: ldap , ldaps

abiquo.ldap.authentication.server.baseDN

 

Base Distinguished Name of the LDAP/Active Directory

abiquo.ldap.authentication.custom.userDnPattern

cn={0},CN=Users

Abiquo will perform an additional custom query against the specified schema in the LDAP/Active Directory. This value is required. With the default value, Abiquo does not perform an additional query.

abiquo.ldap.authentication.
attribute.enterprise

organizationname

The attribute in LDAP/Active Directory to look up the Enterprise Name which must be an Enterprise in Abiquo.

abiquo.ldap.authentication.autoUserCreationtrueWhether Abiquo must create a user in Abiquo based on a successful login to LDAP


Notes about the properties:

...

Switching from Abiquo to LDAP/AD Authentication

Abiquo no longer guarantees does not guarantee the uniqueness of users based on their username. Starting from version 1.8 Abiquo users are made unique by username + authType. AuthType is what the user is logged in against. So it is possible to have more than one user with the same username as long as their 'AuthType' is different. This means that you will not have problems with LDAP/AD users not being able to log in because of another user with the same username. But it also means that if you are delegating authentication to a centralized server in your company and you want this server to be the only authorities provider, you must either delete or disable any previously created users or else those users are also able to log in.

...