Provides instructions on how to configure the GridGuard server to access the customer's reference user store (typically Active Directory) for validating user passwords and group memberships.
Launch ACC and choose 'Add a New Server' option
Click Servers > Add a New Server
Create Server Reference
- Set Server ID to a name that will be used to identify this server
- Set Server Type to LDAP
- Set LDAP Type to External - Active Directory or External - LDAP as the case may be
- Set LDAP Server to the URL that will be used to access the server. This should be formatted as ldap://server:port or ldaps://server:port
- If the LDAP Server is configured to use the ldaps protocol, and if SSL certificate errors should be ignored, check the Ignore SSL Errors checkbox
- Set Bind DN to the service account DN that will be used to connect to and query this LDAP server
- Set Bind Password to the password associated with the service account
- Set Test User DN to the full DN of a user on the LDAP server that can be used to verify connectivity (optional)
- Set User Query to the ldap query that will be executed to search for users. The ? parameter will be replaced with the username when queries to find user are executed
- Set User Attribute to the name of the attribute that is used to store the username
- Click Add Server to add server
- Click Apply Changes to save changes
Choose 'Add a New Store' option
Choose Stores > Add a New Store
Create User Store Reference
- Set Store ID to a unique name that will be used to identify this user store
- Set Store Type to userStore
- Set Storage Type to LDAP
- Set LDAP Server to the name of the assigned to the server created above
- Set Base DN to the base dn that will be used to query for users on this server
- Click Add Store
- Click Apply Changes to save all changes
Comments