Submit Feedback

Connecting to LDAP

You can configure an LDAP server at the system level or instance level. If you are on Liferay PaaS or self-hosted, you can choose the configuration scope based on your needs. Note, when configuring at the system scope, you must specify each instance ID. If you’re on Liferay SaaS, you must configure LDAP at the instance scope. See Connecting to an LDAP Directory.

Clarity Vision Solutions must import user data from a company they just acquired.

Start and Populate an LDAP Directory

  1. Start a new OpenLDAP container.

    docker run \
	   --env LDAP_ORGANISATION="Fabulous Frames" \
	   --env LDAP_DOMAIN="fabulousframes.com" \
	   --env LDAP_BASE_DN="dc=fabulousframes,dc=com" \
	   --name fabulousframesldap \
	   -p 389:389 \
	   -p 636:636 \
	   osixia/openldap:1.5.0

  2. Find the IP address of the fabulousframesldap container. This will be used in the configuration step below.

    docker network inspect bridge

  3. Generate an LDIF file to seed LDAP with a user and a user group.

    cat <<EOT >> sarah.ldif
dn: cn=sarah,dc=fabulousframes,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Sarah
sn: Stanley
givenName: Sarah
mail: sarah@fabulousframes.com
title: IT Staff
userPassword: learn

cn: fabulousframes
dn: cn=fabulousframes,dc=fabulousframes,dc=com
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=sarah,dc=fabulousframes,dc=com
EOT

  4. In your shell, navigate to the same folder as the LDIF file. Copy the file into the container.

    docker cp sarah.ldif fabulousframesldap:/container/service/slapd/assets/test

  5. Add the entry into the OpenLDAP server.

    docker exec fabulousframesldap ldapadd -x -D "cn=admin,dc=fabulousframes,dc=com" -w admin -f /container/service/slapd/assets/test/sarah.ldif -H ldap://localhost

Connect Liferay to the LDAP Directory

  1. Navigate to Global Menu (Global Menu) → Control PanelInstance Settings.

  2. Under security, click LDAP.

  3. In the left navigation, click Servers.

  4. Click Add.

  5. In the new page, enter the LDAP connection information.

    • Server Name: Fabulous Frames
    • Base Provider URL: ldap://[IP address]:389
    • Base DN: dc=fabulousframes,dc=com
    • Principal: cn=admin,dc=fabulousframes,dc=com
    • Credentials: admin

    Enter the connection information.

    Click Test LDAP Connection. A popup window shows that Liferay has connected successfully to the LDAP server. Click the X and close the window.

  6. In the LDAP user information section, map your LDAP fields to the appropriate Liferay fields. Type uid into the UUID field to map Liferay’s UUID field to LDAP’s uid field. This is necessary to export data to LDAP. Click Test LDAP Users to preview the mapping of user fields.

    Enter the user fields information.

  7. In the LDAP groups section, enter Fabulous Frames into the Description field. Click Test LDAP Groups to verify that the fabulousframes user group is visible.

  8. Click Save.

Clarity Vision Solutions’ Liferay instance is now connected to Fabulous Frames’s LDAP directory.

Next: Importing and Exporting users.

Relevant Concepts

Capabilities

Product

Contact Us

Connect

Powered by Liferay
© 2024 Liferay Inc. All Rights Reserved • Privacy Policy