cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Abhinandan Prateek <Abhinandan.Prat...@citrix.com>
Subject Re: [ACS4.2] LDAP UI
Date Thu, 14 Feb 2013 06:56:33 GMT

On 14/02/13 11:30 AM, "David Nalley" <david@gnsa.us> wrote:

>On Thu, Feb 14, 2013 at 12:51 AM, Pranav Saxena
><pranav.saxena@citrix.com> wrote:
>> To configure LDAP  , we need to pass in few multiple mandatory
>>parameters -
>>
>> hostname        Hostname or ip address of the ldap server eg:
>>my.ldap.com
>> queryfilter     You specify a query filter here, which narrows down the
>>users, who can be part of this domain.
>> searchbase      The search base defines the starting point for the
>>search in the directory tree
>>
>> If you are referring to Global settings , that can be done but then
>>we'll have to have three Ldap config parameters there . if that is a
>>good design to handle this , then yes we can do that. Perhaps , the idea
>>is to have a single dialog box where a user could supply three values
>>and configure and debug them if something goes wrong.
>
>
>Those are the mandatory API inputs for CloudStack.
>But almost all environments will require username/password for binding
>at a minimum, and you should probably, and prolly offer the SSL option
>as well. Port should probably be an option too.
>
>Without at least bind creds, the API configuration is practically
>useless on any modern LDAP server.
>
>--David

The admin guide documents the LDAP API. SSL is supported.
http://incubator.apache.org/cloudstack/docs/en-US/Apache_CloudStack/4.0.0-i
ncubating/pdf/Admin_Guide/Apache_CloudStack-4.0.0-incubating-Admin_Guide-en
-US.pdf

Look for LDAP configuration. In short you have following config params:

hostname
searchbase
queryfilter
binddn
bindpass
port
ssl
truststore
truststorepass
response



-abhi



>


Mime
View raw message