Log in to Sentinel Log Manager as the administrator user.
Click the
link on the top left corner of the page.On the Users page, click
.The LDAP Settings page is displayed.
Specify the following:
NOTE:If
is set and is not set, the is appended to the relative user DN to construct the absolute user DN.For example, if the Base DN is set to o=novell and the absolute user DN is cn=sentinel_ldap_user,o=novell while creating LDAP user accounts, only the relative user DN i.e cn=sentinel_ldap_user can be specified.
Click
to test whether the LDAP connection is successful.The Test the LDAP Connection page is displayed.
Specify the test credentials to connect to the LDAP server:
If Anonymous Search is Yes: Specify the username and password.
If Anonymous Search is No: Specify the user DN and password. The user DN can be relative to the Base DN.
Click
to test the LDAP connection.A message is displayed that indicates whether the connection is successful.
If there is any error, review the configuration details you provided and test the connection again.You can determine the cause of the failure by examining the /var/opt/novell/sentinel_log_mgr/log/server0.0 log file. You must ensure that the test connection is successful before saving the LDAP settings.
Click
to save the LDAP settings.On successful configuration:
The LdapLogin section of the /etc/opt/novell/sentinel_log_mgr/config/auth.login file is updated. For example:
LdapLogin { com.sun.security.auth.module.LdapLoginModule required java.naming.ldap.factory.socket="com.esecurity.common.communication.ProxyLdapSSLSocketFactory" userProvider="ldap://10.0.0.1:636/o=novell" userFilter="(&(uid={USERNAME})(objectclass=user))" useSSL=true; };
The LDAP server CA certificate, if provided, is added to a keystore named /etc/opt/novell/sentinel_log_mgr/config/.activemqkeystore.jks
After saving the LDAP settings successfully, you can create LDAP user accounts to enable users to log in to Sentinel Log Manager by using their LDAP directory credentials.
NOTE:You can also configure the Sentinel Log Manager server for LDAP authentication by running the ldap_auth_config.sh script in the /opt/novell/sentinel_log_mgr/setup directory.
The script also supports command online options. To view the command line options, run the script as follows:
/opt/novell/sentinel_log_mgr/setup/ldap_auth_config.sh --help