Versions Compared

Old Version 1

changes.mady.by.user MS

Saved on

compared with

New Version Current

changes.mady.by.user MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Introduction to Abiquo and LDAP and Active Directory

...

To configure the LDAP/AD integration do these steps:

  1. Configure the Abiquo Properties as described below

  2. Check LDAP/AD users have all information to be passed to Abiquo as described below

  3. Log in to Abiquo as the admin user. Remember to set a secure password

  4. In Abiquo, create the following entities to match your LDAP/AD entities:

    1. Abiquo enterprises with the naming matching the value of the appropriate attribute from LDAP/AD. For details of how to create an enterprise, see Manage enterprises

    2. Abiquo roles with the External roles attribute set to the LDAP/AD groups of the role, see Manage Roles

      1. To use external roles, enter the role name only, for example:

        • External roles:  

          • my_ldap_role_01

          • my_ldap_role_02

After you have completed the configuration, allow your users to log in using LDAP authentication.

...

Property

Default value

Explanation _____________________________________________

abiquo.auth.module

abiquo

Whether Abiquo should authenticate only via database or it should also authenticate against LDAP/Active Directory.
Values: abiquo , ldap, openid, saml

abiquo.ldap.authentication.server.url

URL of LDAP/Active Directory server

abiquo.ldap.authentication.server.port

389

Port to connect to on LDAP/Active Directory server.
You must enter this property, even if it is the default value

abiquo.ldap.authentication.server.protocol

ldap

Protocol to be used when authenticating to LDAP/Active Directory. Values: ldap , ldaps

abiquo.ldap.authentication.server.baseDN


Base Distinguished Name of the LDAP/Active Directory.
Usually it is the Domain Controller (or Domain in Windows).
For example, if the domain is office1.mycompany.com, you would enter "DC=office1,DC=mycompany,DC=com".

abiquo.ldap.authentication.custom.userDnPattern

cn={0},CN=Users

Use this property to tell Abiquo to perform an additional custom query against the specified schema in the LDAP/Active Directory.
This value is required. With the default value, Abiquo does not perform an additional query.
For a non-standard schema, enter the userDN pattern to successfully bind to LDAP/AD.

abiquo.ldap.authentication.attribute.enterprise

organizationname

The attribute in LDAP/Active Directory to look up the Enterprise Name which must be an Enterprise in Abiquo.

  • In OpenLDAP this value normally defaults to 'o'.

  • In Active Directory it defaults to 'company' but you could map it to 'department'.

abiquo.ldap.authentication.autoUserCreation

true

Whether Abiquo must create a user in Abiquo based on a successful login to LDAP

...

Use LDAP and Active Directory integration and basic authentication together

...

Tested implementations

Include Page
doc:LDAP compatibility versions tabledoc:
LDAP compatibility versions table

...