The LDAP connector can be used with any directory which supports the LDAP or LDAPS protocol such as OpenLDAP, Active Directory or eDirectory.
Installing the connector
The steps below describe how to install and start the connector. Depending on whether you are using Kubernetes, Swarm or RPM, the instructions will vary. All three are described below.
First, make a copy of the default startup script found in /usr/local/OpenIAM/connectors:
su openiam
cp startup.sh startldapconnector.sh
You will also need to create a directory for cacerts if you plan to enable SSL communication to LDAP. You can do this with the following:
Next, edit the new .sh file so that the line starting with java includes the following argument:
The resulting startldapconnector.sh file should be as shown below:
#!/bin/bash
# $1 is the connector's directory name under /usr/local/OpenIAM/connectors.
# changeit is the JDK default store password; use your own store password here.
java -Dconfpath=/data/openiam \
  -Dlogging.level.root=WARN \
  -Djavax.net.ssl.keyStorePassword=changeit \
  -Djavax.net.ssl.trustStore=/data/openiam/conf/ldap-connector-rabbitmq/certs/cacerts \
  -Dorg.openiam.connector.queue=$(cat /usr/local/OpenIAM/connectors/$1/properties)_Request \
  -Dorg.openiam.connector.queueResponseName=$(cat /usr/local/OpenIAM/connectors/$1/properties)_Response \
  -jar /usr/local/OpenIAM/connectors/$1/$1.jar >> /usr/local/OpenIAM/logs/$1.out &
To start the connector, use the following command:
To check the connector status:
You should see the following output if the connector is running:
[OK] - ldap-connector-rabbitmq - Service working. Application status: [ UP ]
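A pre-flight check for the SSL arguments in the startup script, as an added example that is not part of the OpenIAM documentation or product: it reads the javax.net.ssl.* arguments from the script and reports a missing or world-writable trust store, a doubled '=' in a password argument, and the JDK default password changeit. The function names get_jvm_prop and check_connector_ssl_args and the sample java line are assumptions made for this example.

```shell
#!/bin/bash
# Added example, not OpenIAM code: lint the javax.net.ssl.* arguments
# in a connector startup script before starting the connector.

# Print the value of -D<property>=<value> from the script (empty if absent).
get_jvm_prop() {    # $1 = script path, $2 = property name
    sed -n "s/.*-D$2=\([^[:space:]]*\).*/\1/p" "$1" | head -n 1
}

# Print one finding per line; print nothing when the arguments look sane.
# Password values are never echoed.
check_connector_ssl_args() {    # $1 = script path
    store=$(get_jvm_prop "$1" javax.net.ssl.trustStore)
    if [ -z "$store" ]; then
        echo "trustStore: not set, the JVM default trust store will be used"
    elif [ ! -r "$store" ]; then
        echo "trustStore: $store is missing or unreadable"
    elif [ -n "$(find "$store" -perm -002)" ]; then
        echo "trustStore: $store is world-writable"
    fi
    for prop in keyStorePassword trustStorePassword; do
        value=$(get_jvm_prop "$1" "javax.net.ssl.$prop")
        case $value in
            "")       ;;    # property not present in the script
            =*)       echo "$prop: value starts with '=', check for a doubled '='" ;;
            changeit) echo "$prop: JDK default password in use" ;;
        esac
    done
    return 0
}

# Constructed sample: a java line with a doubled '=' and a trust store
# path that does not exist on this machine.
demo() {
    sample=$(mktemp)
    printf '%s\n' '#!/bin/bash' \
        'java -Djavax.net.ssl.keyStorePassword==changeit -Djavax.net.ssl.trustStore=/nonexistent/certs/cacerts -jar x.jar &' > "$sample"
    check_connector_ssl_args "$sample"
    rm -f "$sample"
}
demo
```

Run it against the real script with check_connector_ssl_args /usr/local/OpenIAM/connectors/startldapconnector.sh; no output means none of the three conditions were found.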
Provide details about how to add this connector to the Provision -> Connector section
Connecting to your directory
Provide details here about establishing a connection as well as any filters or related details that we need to fill in.
Define attribute provisioning rules
Provide details about the policy map