Quick-reference LDAP worksheet
Checklist of required information and steps to configure a HCL Compass
Following is the list of questions you need to ask your LDAP administrator in order to configure a HCL Compass database set for LDAP authentication.
Questions:
- A. What is the host name of the LDAP server? ________________________
- B. What is the TCP port number (non-SSL)? ______
- C. Does the LDAP server allow anonymous searches? ____
- C1. What is the DN of the search account? _______________________
- C2. What is the password of the search account? ____________________
- D. What is the base DN from which to start searching for LDAP user directory entries that correspond to HCL Compass users? ___________________________
- E. What is the scope of the search from the base DN? ____________
- F. What is the LDAP attribute that is used to store the user entry login name values? _________________
- G. What is the LDAP search filter that HCL Compass must use to select the LDAP user entry based on the attribute specified in the previous question? _________________________________
- H. What is the LDAP attribute of the user entry to be used to map the user to a corresponding HCL Compass user profile record? __________
- I. What is the login name of a user entry that can be used to validate that HCL Compass can correctly authenticate a user against the LDAP directory? _______________________
- J. What is the password for the user entry specified in the previous question? __________________
Run the following commands from the directory where HCL Compass is installed (for example, C:\Program Files\HCL\Compass): These commands assume that the answers to the above questions were as shown in the topic Collecting LDAP information.
-
installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_ONLY
-
installutil setldapinit dbset_name cq_user cq_password "-h <A> -p <B> -D <C1> -w <C2>"
-
installutil setldapsearch dbset_name cq_user cq_password "-s <E> -b <D> <G>"
-
installutil setcqldapmap dbset_name cq_user cq_password cq_user_field <H>
-
installutil validateldap dbset_name cq_user cq_password <I> <J>
-
installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_FIRST
- Set every user's authentication mode by using the User Administration GUI or the SetupCQLDAP.pl script.
- Test your database set's LDAP settings by having users log in to HCL Compass by entering the LDAP login name and password.