Perform the following steps to configure LDAP on Klera.
Step 1: Configure SSL Certificate
If the LDAP server is hosted over SSL, perform the following steps; otherwise skip to Step 2.
Steps to add Certificate to JVM Trusted Store
Prerequisite - ADS Trusted Certificate
Note: The certificate will be provided by the ADS administrator.
Steps to follow for Klera version 3.2.X:
- Place the certificate file in any folder.
- Run the following command from the same folder: docker cp ./<Cert file name> klerapecore:/usr/local/klera/Tools/InstallADSCertificateToKlera
- Go to the Klera SDLC Linux build folder.
- Run the ADSCertificateInstaller.sh script.
- Restart the Klera PE core container.
- After the Klera services restart, you can configure an ADS running over SSL with Klera.
Steps to follow for Klera version 4.1.X onwards:
- Copy the ADS SSL certificate into the "Tools" folder inside the Klera set-up folder.
- Rename the SSL certificate file to "ADS_SSL.cer" if it has a different name.
- Go to the path <Klera set-up folder>\Tools\ and run ADSCertificateInstaller using the command "sh ADSCertificateInstaller.sh".
- If no certificate existed previously, you will get the message "Certificate was added to keystore". Otherwise, you will be asked whether you want to replace the existing certificate.
- After applying the certificate, restart the Klera container using the command "docker restart klerapecore".
- After the Klera services restart, you can configure an ADS running over SSL with Klera.
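A check that can be run on the certificate file before either installer script adds it to the JVM trust store, given as an added example that is not part of the Klera tooling. It assumes openssl is installed and that the ADS administrator has supplied the certificate's SHA-256 fingerprint over a separate channel; the script name and the 30-day default are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the Klera tooling): check the ADS certificate
# before it is imported into the JVM trust store.
# Usage: sh check_ads_cert.sh ADS_SSL.cer <sha256-fingerprint> [min-valid-days]
# Assumption: the fingerprint was obtained from the ADS administrator over a
# separate channel; the script name and the 30-day default are hypothetical.

# Normalise a fingerprint: strip colons/whitespace, upper-case the hex digits.
norm_fp() {
    printf '%s' "$1" | tr -d ': \n' | tr 'a-f' 'A-F'
}

# Print PEM or DER, whichever encoding the file parses as; fail if neither.
cert_form() {
    for f in PEM DER; do
        if openssl x509 -in "$1" -inform "$f" -noout >/dev/null 2>&1; then
            printf '%s' "$f"
            return 0
        fi
    done
    return 1
}

# Exit codes: 0 ok, 2 not a certificate, 3 fingerprint mismatch, 4 expiring.
verify_ads_cert() {
    cert=$1
    expected=$(norm_fp "$2")
    days=${3:-30}
    form=$(cert_form "$cert") || { echo "not an X.509 certificate: $cert" >&2; return 2; }
    out=$(openssl x509 -in "$cert" -inform "$form" -noout -fingerprint -sha256) || return 2
    actual=$(norm_fp "${out#*=}")
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch, file has $actual" >&2
        return 3
    fi
    if ! openssl x509 -in "$cert" -inform "$form" -noout \
            -checkend "$((days * 86400))" >/dev/null; then
        echo "certificate expires within $days days" >&2
        return 4
    fi
    # Show what is about to be trusted.
    openssl x509 -in "$cert" -inform "$form" -noout -subject -issuer -enddate
}

# Run the check only when the script is called with arguments.
if [ "$#" -ge 2 ]; then
    verify_ads_cert "$@"
fi
```

A non-zero exit code means the file should not be installed until the mismatch or expiry has been resolved with the ADS administrator.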
Step 2: Configure LDAP on Klera
1. Log in to Klera.
2. Right-click on the Floor (the empty canvas displayed after successful login). A context menu will appear.
3. Select Security -> Configure Authentication Mode to open the form (as shown in the following screenshot).
4. Select the LDAP option from Authentication Mode and fill in the rest of the details.
Open Advanced Settings: This is required to define or update user schema and group schema settings.
- If the Directory Server Type is Microsoft Active Directory, OpenLDAP or Apache Directory Server, user and group schema settings can be modified using ‘Open Advance Settings’.
- For the Custom directory server type, the LDAP server schema settings need to be defined by the admin.
Enable or disable the ‘Open Advance Settings’ checkbox based on the Directory Server Type that has been selected.
Note: If the ‘Auto Enabled User’ option is selected, users synced from ADS will automatically be enabled on Klera. Otherwise, the Klera admin will have to enable the users manually.
5. Click Configure.
6. If you have selected ‘Open Advance Settings’, the screen below will appear. Validate or configure the parameter values in the form, then click Apply.
After successful completion of the above steps, users can enter their Active Directory username and password to log in to Klera.