Scribd
Upload
88 views2 pages

Simple Config Ldap

This script configures LDAP authentication and user directory for a Spotfire system. It sets configuration variables, creates a database connection, default configuration, and LDAP configuration. It then configures LDAP group synchronization, the user directory to use the LDAP configuration, BASIC authentication to use LDAP, and imports the configuration. Finally, it promotes a user to administrator.

Uploaded by

Piyali
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
Download as txt, pdf, or txt
88 views2 pages

Simple Config Ldap

This script configures LDAP authentication and user directory for a Spotfire system. It sets configuration variables, creates a database connection, default configuration, and LDAP configuration. It then configures LDAP group synchronization, the user directory to use the LDAP configuration, BASIC authentication to use LDAP, and imports the configuration. Finally, it promotes a user to administrator.

Uploaded by

Piyali
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1/ 2

# Run this script from the command-line using the following command:

# config run simple-config-ldap.txt


# Before using this script you need to set the variables below:
set DB_DRIVER = "tibcosoftwareinc.jdbc.oracle.OracleDriver"
set DB_URL = "jdbc:tibcosoftwareinc:oracle://localhost:1521;SID=XE"
#set DB_DRIVER = "tibcosoftwareinc.jdbc.sqlserver.SQLServerDriver"
#set DB_URL = "jdbc:tibcosoftwareinc:sqlserver://<server>:<port>;DatabaseName=<d
atabase name>"
set DB_USER = "spotfire"
set DB_PASSWORD = "spotfire123"
set CONFIG_TOOL_PASSWORD = "sp00tfire"
# Set the default domain which will be used when trying to authenticate users th
at doesn't specify a domain name
set DEFAULT_DOMAIN="bdpdomain"
# The admin user will be assumed to belong to the default domain (as configured
above),
# unless the name includes the user's domain name, e.g. 'username@domain'
set ADMIN_USER = "spotfireadmin"
# See the help topic for create-ldap-config command
# for more information about these LDAP parameters.
# To view this help topic, run the following command:
# config help create-ldap-config
set LDAP_CONFIG_ID="ldap1"
set LDAP_SERVER_TYPE="Custom"
set LDAP_SERVERS="ldap://bdp-1.bdpdomain.com:389"
set LDAP_CONTEXTS="DC=bdpdomain,DC=com"
set LDAP_USERNAME="UID=ipausers,CN=admin,DC=bdpdomain,DC=com"
set LDAP_PASSWORD="hdp-mservice"
# To enable group synchronization:
# 1. Uncomment the lines where the LDAP_GROUP_SYNC_NAMES and LDAP_GROUP_SYNC_SCH
EDULE variables are set
# 2. Uncomment the lines where the config-ldap-group-sync is being called
#set LDAP_GROUP_SYNC_NAMES="<Account names or DNs of external groups to synchron
ize>"
#set LDAP_GROUP_SYNC_SCHEDULE="<Group synchronization cron schedule>"
echo Creating the database connection configuration
bootstrap --no-prompt --driver-class="${DB_DRIVER}" --database-url="${DB_URL}" \
--username="${DB_USER}" --password="${DB_PASSWORD}" --tool-password="${CONFIG_
TOOL_PASSWORD}"
echo
echo Creating the default configuration
create-default-config
echo
echo "Creating LDAP configuration '${LDAP_CONFIG_ID}'"
create-ldap-config --id="${LDAP_CONFIG_ID}" --type="${LDAP_SERVER_TYPE}" \
--servers="${LDAP_SERVERS}" --context-names="${LDAP_CONTEXTS}" \
--user-name-attribute="cn"--username="${LDAP_USERNAME}" --password="${LDAP_PASS
WORD}" --schedules="@minutely" --user-search-filter="uid=*"
echo
echo "Setting up group synchronization for LDAP configuration '${LDAP_CONFIG_ID}
'"

config-ldap-group-sync --id="${LDAP_CONFIG_ID}" --group-sync-enabled="true" \


--group-names="${LDAP_GROUP_SYNC_NAMES}" --schedules="${LDAP_GROUP_SYNC_SCHEDU
LE}" --group-search-filter="cn" --group-name-attribute="ipausergroup" --supports
-member-of=false --member-attribute="cn=admin"
echo
echo "Setting up the User Directory for LDAP using LDAP configuration '${LDAP_CO
NFIG_ID}'"
config-ldap-userdir --ldap-configs="${LDAP_CONFIG_ID}"
config-userdir --mode="ldap" --domain-name-style="dns"
echo
echo "Setting up BASIC Authentication for LDAP using LDAP configuration '${LDAP_
CONFIG_ID}'"
config-basic-ldap-auth --ldap-configs="${LDAP_CONFIG_ID}"
config-auth --auth-method="BASIC" --jaas-ldap --default-domain="${DEFAULT_DOMAIN
}"
echo
echo Importing the configuration
import-config --tool-password="${CONFIG_TOOL_PASSWORD}" \
--comment="First config using LDAP for authentication and user directory"
echo
echo Promoting the user '${ADMIN_USER}' to administrator
promote-admin --tool-password="${CONFIG_TOOL_PASSWORD}" --username="${ADMIN_USER
}"
echo

You might also like