Once you have added required users to Active Directory, you can use the directory to authenticate administration login requests for Sybase Control Center.
For Sybase Control Center, you define an LDAP providers by manually editing a configuration file. Sybase recommends that you back up this file before making any changes to it.
Property | Syntax | Description or value |
---|---|---|
AuthenticationSearchBase | ou=<ou name>, dc=<domain name> |
The Active Directory search base for the Unwired Platform admin account. For example, ou=Sales,dc=sybase,dc=com. |
BindDN | The Unwired Platform admin account. For example, cn=supAdmin,ou=Sales,dc=sybase,dc=com. | |
BindPassword | The Password for Unwired Platform admin account. | |
DefaultSearchBase | ou=<ou name>, dc=<domain name> |
The Active Directory search base for the Unwired Platform admin account. For example, ou=Sales,dc=sybase,dc=com. |
AuthenticationFilter | Use (&(sAMAccountName={uid})(objectclass=user)). | |
ProviderURL | ldap://<LDAP hostname>:<LDAP port> | The Active Directory server name or IP address, and port number. |
AuthenticationScope | subtree | |
ServerType | msad2k |
Each line of the LDAP server module of the properties file must begin with "CSI.loginModule." followed by a module number. The module number in this sample is 5. The module number you assign must be unique in the properties file, and you must use the same module number in every line of the module.
When you are finished, your module definition is similar to this example:
=================================================== ## LDAP login module for SCC CSI.loginModule.5.options.AuthenticationSearchBase=ou=Sales,dc=sybase,dc=com CSI.loginModule.5.options.BindDN=cn=supAdmin,ou=Sales,dc=sybase,dc=com CSI.loginModule.5.options.BindPassword=mysecret CSI.loginModule.5.options.DefaultSearchBase=ou=Sales,dc=sybase,dc=com CSI.loginModule.5.options.ProviderURL=ldap://mylocalhost:389 CSI.loginModule.5.options.RoleSearchBase=ou=groups,dc=example,dc=com CSI.loginModule.5.options.AuthenticationScope=subtree CSI.loginModule.5.options.ServerType=msad2k CSI.loginModule.5.options.moduleName=LDAP Login Module CSI.loginModule.5.provider=com.sybase.ua.services.security.ldap.LDAPWithRoleLoginModule CSI.loginModule.5.controlFlag=sufficient =====================================================
This example specifies that Active Directory is used as the LDAP server for Sybase Control Center authentication requests.
For a complete list of available LDAP properties and values you can configure for Active Directory, see System Administration>System Reference>Security Provider Configuration Properties>LDAP Configuration Properties.keytool -import -keystore <SUP_installdir>\shared\JRE-<version>\bin\keytool\lib\security\cacerts -file <your cert file and path> -alias ldapcert -storepass changeit