Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

  1. Configure the Abiquo Properties as described below
  2. Check LDAP/AD users have all information to be passed to Abiquo as described below
  3. Log in to Abiquo as the admin user. Remember to set a secure password
  4. In Abiquo, create the following entities to match your LDAP/AD entities:
    1. Abiquo enterprises with the naming matching the value of the appropriate attribute from LDAP/AD. For details of how to create an enterprise, see Manage Enterprises
    2. Abiquo roles with the External roles attribute set to the LDAP/AD groups of the role, see Manage Roles
      1. To use external roles, enter the role name only, for example:
        • External roles:  
          • my_ldap_role_01
        ,
          • my_ldap_role_02

After you have completed the configuration, allow your users to log in using LDAP authentication

...

Property

Default Value

Explanation _____________________________________________

abiquo.auth.module

abiquo

Whether Abiquo should authenticate only via database or it should also authenticate against LDAP/Active Directory.
Values: abiquo , ldap, openid

abiquo.ldap.authentication.server.url

 

URL of LDAP/Active Directory server

abiquo.ldap.authentication.server.port

389

Port to connect to on LDAP/Active Directory server.
You must enter this property, even if it is the default value

abiquo.ldap.authentication.server.protocol

ldap

Protocol to be used when authenticating to LDAP/Active Directory. Values: ldap , ldaps

abiquo.ldap.authentication.server.baseDN

 

Base Distinguished Name of the LDAP/Active Directory.
Usually it is the Domain Controller (or Domain in Windows).
For example, if the domain is office1.mycompany.com, you would enter "DC=office1,DC=mycompany,DC=com".

abiquo.ldap.authentication.custom.userDnPattern

cn={0},CN=Users

Use this property to tell Abiquo to perform an additional custom query against the specified schema in the LDAP/Active Directory.
This value is required. With the default value, Abiquo does not perform an additional query.
For a non-standard schema, enter the userDN pattern to successfully bind to LDAP/AD.

abiquo.ldap.authentication.attribute.enterprise

organizationname

The attribute in LDAP/Active Directory to look up the Enterprise Name which must be an Enterprise in Abiquo.

  • In OpenLDAP this value normally defaults to 'o'.
  • In Active Directory it defaults to 'company' but you could map it to 'department'.
abiquo.ldap.authentication.autoUserCreationtrueWhether Abiquo must create a user in Abiquo based on a successful login to LDAP


Information that Abiquo retrieves to create users

...