Configuration Scenarios for LDAP/AD Authentication

  1. Active Directory Authentication + Add new users on login time.
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.ActiveDirectoryAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=true
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.principle.pattern=%s@ad.domain.com
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  2. Simple User Authentication (One step LDAP entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.LdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.principle.pattern=uid=%s,ou=Users,dc=company,dc=com
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  3. Simple User Authentication + Group membership verification + New user and groups (nested groups) membership entries importing on login time + Existing user groups membership updating at login time (One step LDAP entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.LdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=true
    rapiddeploy.security.authentication.allow.only.members=true
    
    rapiddeploy.security.authentication.add.user.groups=true
    rapiddeploy.security.authentication.update.user.groups=true
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.principle.pattern=uid=%s,ou=Users,dc=company,dc=com
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.member.dn=dc=company,dc=com
    ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
    ldap.security.search.member.nested.groups.enabled=false
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  4. Basic User Authentication (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  5. User Authentication + Group membership validation including nested groups (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=true
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.security.search.member.dn=dc=company,dc=com
    ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
    ldap.security.search.member.nested.groups.enabled=true
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  6. User Authentication + New user entry importing on login (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=true
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  7. User authentication + Group membership verification + New user and group (No nested groups) members entries importing on Login time (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=true
    rapiddeploy.security.authentication.allow.only.members=true
    
    rapiddeploy.security.authentication.add.user.groups=true
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.security.search.member.dn=dc=company,dc=com
    ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
    ldap.security.search.member.nested.groups.enabled=false
    
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  8. Basic User Authentication + Background User synchronisation every 1 hour (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.sync.period=3600000
    
    ldap.sync.users.enabled=true
    ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
    ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
    ldap.sync.users.username.attribute=uid
    ldap.sync.users.firstname.attribute=givenName
    ldap.sync.users.lastname.attribute=sn
    ldap.sync.users.desc.attribute=description
    ldap.sync.users.email.attribute=mail
    
    ldap.sync.groups.enabled=false
    ldap.sync.members.mode=none
  9. Basic User Authentication + Background Group (Including nested groups) synchronisation every day (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.sync.period=86400000
    ldap.sync.users.enabled=false
    
    ldap.sync.groups.enabled=true
    ldap.sync.groups.nested.enabled=true
    ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
    ldap.sync.groups.search.filter=(objectClass=groupOfNames)
    ldap.sync.groups.name.attribute=cn
    ldap.sync.groups.desc.attribute=description
    
    ldap.sync.members.mode=none
  10. Basic User Authentication + Background User and Group (No nested groups) synchronisation half day (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=false
    rapiddeploy.security.authentication.allow.only.members=false
    
    rapiddeploy.security.authentication.add.user.groups=false
    rapiddeploy.security.authentication.update.user.groups=false
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.sync.period=432400000
    
    ldap.sync.users.enabled=true
    ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
    ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
    ldap.sync.users.username.attribute=uid
    ldap.sync.users.firstname.attribute=givenName
    ldap.sync.users.lastname.attribute=sn
    ldap.sync.users.desc.attribute=description
    ldap.sync.users.email.attribute=mail
    
    ldap.sync.groups.enabled=true
    ldap.sync.groups.nested.enabled=false
    ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
    ldap.sync.groups.search.filter=(objectClass=groupOfNames)
    ldap.sync.groups.name.attribute=cn
    ldap.sync.groups.desc.attribute=description
    
    ldap.sync.members.mode=none
  11. Basic User Authentication + Group membership verification + New user and groups (No nested groups) membership entries importing on login time + Existing user groups membership updating on login time + Background User, Group (Including nested groups) and User member of Groups synchronisation every 2 hours (Two steps, LDAP search and entry lookup)
    authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
    
    rapiddeploy.security.authentication.add.new.user=true
    rapiddeploy.security.authentication.allow.only.members=true
    
    rapiddeploy.security.authentication.add.user.groups=true
    rapiddeploy.security.authentication.update.user.groups=true
    
    ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
    ldap.provider.url=ldap://hostname:389/
    ldap.security.authentication=simple
    
    ldap.security.search.principal=cn=Manager
    ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
    
    ldap.security.search.user.dn=dc=company,dc=com
    ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
    
    ldap.security.search.member.dn=dc=company,dc=com
    ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
    ldap.security.search.member.nested.groups.enabled=false
    
    ldap.sync.period=7200000
    
    ldap.sync.users.enabled=true
    ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
    ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
    ldap.sync.users.username.attribute=uid
    ldap.sync.users.firstname.attribute=givenName
    ldap.sync.users.lastname.attribute=sn
    ldap.sync.users.desc.attribute=description
    ldap.sync.users.email.attribute=mail
    
    ldap.sync.groups.enabled=true
    ldap.sync.groups.nested.enabled=true
    ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
    ldap.sync.groups.search.filter=(objectClass=groupOfNames)
    ldap.sync.groups.name.attribute=cn
    ldap.sync.groups.desc.attribute=description
    
    ldap.sync.members.mode=group-user