Quick-reference LDAP worksheet

Checklist of required information and steps to configure a HCL Compass

Following is the list of questions you need to ask your LDAP administrator in order to configure a HCL Compass database set for LDAP authentication.

Questions:
  • A. What is the host name of the LDAP server? ________________________
  • B. What is the TCP port number (non-SSL)? ______
  • C. Does the LDAP server allow anonymous searches? ____
  • C1. What is the DN of the search account? _______________________
  • C2. What is the password of the search account? ____________________
  • D. What is the base DN from which to start searching for LDAP user directory entries that correspond to HCL Compass users? ___________________________
  • E. What is the scope of the search from the base DN? ____________
  • F. What is the LDAP attribute that is used to store the user entry login name values? _________________
  • G. What is the LDAP search filter that HCL Compass must use to select the LDAP user entry based on the attribute specified in the previous question? _________________________________
  • H. What is the LDAP attribute of the user entry to be used to map the user to a corresponding HCL Compass user profile record? __________
  • I. What is the login name of a user entry that can be used to validate that HCL Compass can correctly authenticate a user against the LDAP directory? _______________________
  • J. What is the password for the user entry specified in the previous question? __________________

Run the following commands from the directory where HCL Compass is installed (for example, C:\Program Files\HCL\Compass): These commands assume that the answers to the above questions were as shown in the topic Collecting LDAP information.

  1. installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_ONLY
  2. installutil setldapinit dbset_name cq_user cq_password "-h <A> -p <B> -D <C1>
     -w <C2>"
  3. installutil setldapsearch dbset_name cq_user cq_password "-s <E> -b <D> <G>"
  4. installutil setcqldapmap dbset_name cq_user cq_password cq_user_field <H>
  5. installutil validateldap dbset_name cq_user cq_password <I> <J>
  6. installutil setauthenticationalgorithm dbset_name cq_user cq_password CQ_FIRST
  7. Set every user's authentication mode by using the User Administration GUI or the SetupCQLDAP.pl script.
  8. Test your database set's LDAP settings by having users log in to HCL Compass by entering the LDAP login name and password.