Configuration Scenarios for LDAP/AD Authentication
- Active Directory Authentication + Add new users at login time.
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.ActiveDirectoryAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=true
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.principal.pattern=%s@ad.domain.com
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- Simple User Authentication (One step LDAP entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.LdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.principal.pattern=uid=%s,ou=Users,dc=company,dc=com
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- Simple User Authentication + Group membership verification + New user and groups (nested groups) membership entries importing at login time + Existing user groups membership updating at login time (One step LDAP entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.LdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=true
  rapiddeploy.security.authentication.allow.only.members=true
  rapiddeploy.security.authentication.add.user.groups=true
  rapiddeploy.security.authentication.update.user.groups=true
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.principal.pattern=uid=%s,ou=Users,dc=company,dc=com
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.member.dn=dc=company,dc=com
  ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
  ldap.security.search.member.nested.groups.enabled=false
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- Basic User Authentication (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- User Authentication + Group membership validation including nested groups (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=true
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.security.search.member.dn=dc=company,dc=com
  ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
  ldap.security.search.member.nested.groups.enabled=true
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- User Authentication + New user entry importing on login (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=true
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- User Authentication + Group membership verification + New user and group (No nested groups) membership entries importing at login time (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=true
  rapiddeploy.security.authentication.allow.only.members=true
  rapiddeploy.security.authentication.add.user.groups=true
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.security.search.member.dn=dc=company,dc=com
  ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
  ldap.security.search.member.nested.groups.enabled=false
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- Basic User Authentication + Background User synchronisation every 1 hour (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.sync.period=3600000
  ldap.sync.users.enabled=true
  ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
  ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
  ldap.sync.users.username.attribute=uid
  ldap.sync.users.firstname.attribute=givenName
  ldap.sync.users.lastname.attribute=sn
  ldap.sync.users.desc.attribute=description
  ldap.sync.users.email.attribute=mail
  ldap.sync.groups.enabled=false
  ldap.sync.members.mode=none
  ```
- Basic User Authentication + Background Group (Including nested groups) synchronisation every day (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.sync.period=86400000
  ldap.sync.users.enabled=false
  ldap.sync.groups.enabled=true
  ldap.sync.groups.nested.enabled=true
  ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
  ldap.sync.groups.search.filter=(objectClass=groupOfNames)
  ldap.sync.groups.name.attribute=cn
  ldap.sync.groups.desc.attribute=description
  ldap.sync.members.mode=none
  ```
- Basic User Authentication + Background User and Group (No nested groups) synchronisation every half day (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=false
  rapiddeploy.security.authentication.allow.only.members=false
  rapiddeploy.security.authentication.add.user.groups=false
  rapiddeploy.security.authentication.update.user.groups=false
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.sync.period=43200000
  ldap.sync.users.enabled=true
  ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
  ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
  ldap.sync.users.username.attribute=uid
  ldap.sync.users.firstname.attribute=givenName
  ldap.sync.users.lastname.attribute=sn
  ldap.sync.users.desc.attribute=description
  ldap.sync.users.email.attribute=mail
  ldap.sync.groups.enabled=true
  ldap.sync.groups.nested.enabled=false
  ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
  ldap.sync.groups.search.filter=(objectClass=groupOfNames)
  ldap.sync.groups.name.attribute=cn
  ldap.sync.groups.desc.attribute=description
  ldap.sync.members.mode=none
  ```
- Basic User Authentication + Group membership verification + New user and groups (No nested groups) membership entries importing at login time + Existing user groups membership updating at login time + Background User, Group (Including nested groups) and User member of Groups synchronisation every 2 hours (Two steps, LDAP search and entry lookup)
  ```properties
  authentication.provider.class=com.midvision.rapiddeploy.service.security.authentication.TwoStepsLdapAuthenticationProviderImpl
  rapiddeploy.security.authentication.add.new.user=true
  rapiddeploy.security.authentication.allow.only.members=true
  rapiddeploy.security.authentication.add.user.groups=true
  rapiddeploy.security.authentication.update.user.groups=true
  ldap.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
  ldap.provider.url=ldap://hostname:389/
  ldap.security.authentication=simple
  ldap.security.search.principal=cn=Manager
  ldap.security.search.credentials={_MV@ENC#_}30l7Io5rYD0=
  ldap.security.search.user.dn=dc=company,dc=com
  ldap.security.search.user.filter.pattern=(&(objectClass=organizationalPerson)(uid=%s))
  ldap.security.search.member.dn=dc=company,dc=com
  ldap.security.search.member.filter.pattern=(&(objectClass=groupOfNames)(member=%s))
  ldap.security.search.member.nested.groups.enabled=false
  ldap.sync.period=7200000
  ldap.sync.users.enabled=true
  ldap.sync.users.search.dn=ou=Users,dc=company,dc=com
  ldap.sync.users.search.filter=(objectClass=inetOrgPerson)
  ldap.sync.users.username.attribute=uid
  ldap.sync.users.firstname.attribute=givenName
  ldap.sync.users.lastname.attribute=sn
  ldap.sync.users.desc.attribute=description
  ldap.sync.users.email.attribute=mail
  ldap.sync.groups.enabled=true
  ldap.sync.groups.nested.enabled=true
  ldap.sync.groups.search.dn=ou=Groups,dc=company,dc=com
  ldap.sync.groups.search.filter=(objectClass=groupOfNames)
  ldap.sync.groups.name.attribute=cn
  ldap.sync.groups.desc.attribute=description
  ldap.sync.members.mode=group-user
  ```
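
A consistency check for settings like the ones above, as an added example (not MidVision's code): it parses a properties block and reports a simple bind over plain `ldap://`, search settings that a scenario appears to need, and login-time user creation without a membership gate. The finding names and the dependency rules between keys are assumptions inferred from the scenarios on this page.

```python
# Added example, not MidVision code. Finding names and dependency rules are
# assumptions inferred from the scenarios above; only keys from the page are used.
PREFIX = "rapiddeploy.security.authentication."
SEARCH = "ldap.security.search."

def parse_props(text):
    """Parse key=value lines; split on the first '=' so DNs and filters survive."""
    pairs = (line.strip().split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith("#"))
    return {key.strip(): value.strip() for key, value in pairs}

def audit(props):
    """Return a sorted list of finding codes for one configuration."""
    on = lambda key: props.get(key, "false").lower() == "true"
    found = set()
    # A simple bind over plain ldap:// sends the password unencrypted.
    if (props.get("ldap.provider.url", "").lower().startswith("ldap://")
            and props.get("ldap.security.authentication") == "simple"):
        found.add("CLEARTEXT_BIND")
    two_step = props.get("authentication.provider.class", "").endswith(
        "TwoStepsLdapAuthenticationProviderImpl")
    if two_step:   # search for the entry first, then bind as it
        required = [SEARCH + "user.dn", SEARCH + "user.filter.pattern"]
    else:          # one step: the DN or UPN is built from the login name
        required = ["ldap.security.principal.pattern"]
    groups = any(on(PREFIX + flag) for flag in
                 ("allow.only.members", "add.user.groups", "update.user.groups"))
    if groups:
        required += [SEARCH + "member.dn", SEARCH + "member.filter.pattern"]
    if two_step or groups:  # directory searches run as a service account
        required += [SEARCH + "principal", SEARCH + "credentials"]
    found.update("MISSING:" + key for key in required if key not in props)
    # Accounts created at login with no group gate (assumed meaning of the flags).
    if on(PREFIX + "add.new.user") and not on(PREFIX + "allow.only.members"):
        found.add("UNGATED_AUTO_PROVISIONING")
    return sorted(found)

# Constructed sample: membership gate switched on, member search settings absent.
SAMPLE = """\
rapiddeploy.security.authentication.allow.only.members=true
ldap.provider.url=ldap://hostname:389/
ldap.security.authentication=simple
ldap.security.principal.pattern=uid=%s,ou=Users,dc=company,dc=com
"""

if __name__ == "__main__":
    for finding in audit(parse_props(SAMPLE)):
        print(finding)
```

Run against the Active Directory scenario as written on this page, `audit` returns `CLEARTEXT_BIND` and `UNGATED_AUTO_PROVISIONING`.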