Configuring the manager for LDAP authentication

If a site-wide authentication and authorization system is available via LDAP (Lightweight Directory Access Protocol), then you can set up the manager to use it for authorizing access to the management UI.

To set up LDAP, first set the authType property in the manager.properties file to the value ldap:

authType=ldap

To restrict access to the management UI to members of a particular LDAP group, set the authGroup property to the name of the group that's allowed to access it. For example, if the name of the allowed group is RosokaUsers, then set the property like this:

authGroup=RosokaUsers

To allow all authenticated users to access the management UI, either don't set the authgroup property, or set it to the default value, **.

Save these changes to the manager.properties file.

Next, you need to configure the manager to access the LDAP server by editing the conf/ldap.conf file. A sample file is provided, and you should only need to change the property values in order to adapt to the site environment.

Note: Interfacing with LDAP can be complex, and i2 recommends contacting your system administrator for help with the settings in the LDAP configuration file.

To use i2 TextChart Server with an LDAPS (LDAP with SSL) server, see Configuring SSL for i2 TextChart Server.

After you finalize changes to manager.properties and conf/ldap.conf, restart the manager service to make them take effect.