The QPR_Servers.ini file contains a section called UMS LDAP. The section has the following keys:
•Username: the DN of the person entry used if the LDAP component logs in to the LDAP server with a username/password combination. If left blank, an anonymous login is used.
•Password: the userPassword attribute of the person entry used if the LDAP component logs in to the LDAP server with a username/password combination. Leave this blank if an anonymous login is used. The user password is stored encrypted.
•Searchbase: the DN of the entry under which the search is performed on. If left blank, the search starts from the top entry.
•ServerAddress: the address of the LDAP server. This must be specified.
•AlwaysUseSecureConnection: If this is 0, then an insecure connection is used between the LDAP component and LDAP server for all other functions than Authenticate.
•AuthenticateViaSecureConnection: If both this and AlwaysUseSecureConnection are 0, then Authentication is done with insecure connection. If AlwaysUseSecureConnection is 1, then this setting has no effect (i.e. then it automatically defaults to 1).
•AllowConcurrentCalls: If this is 1, LDAP calls can be performed concurrently instead of being serialized.
•ActiveSettingGroup: Identification of the currently active setting group. Each setting group contains technical settings to be adjusted to the LDAP directory used. The setting group names are enumerated in an ini file section called LDAPSettingGroups. In that section, for each setting group identification there is the name of the section containing the settings for that setting group. See Example below. See Appendix A for more details about LDAP settings groups.
An example LDAP configuration file:
[UMS LDAP]
UIDAttrName=uid
Username=CN=Testi Henkilo,OU=Oulu,O=QPR
Password=qprqpr
Searchbase=
ServerAddress=10.0.12.10
AlwaysUseSecureConnection=0
AuthenticateViaSecureConnection=1
ActiveSettingGroup=1
AllowConcurrentCalls=0
[UMS LDAP Setting Groups]
1=Standard
2=Active Directory
[UMS LDAP Standard]
DistinguishedNameAttribute=dn
CommonNameAttribute=cn
EmailAttribute=mail
MemberAttribute=member
DescriptionAttribute=description
PersonFullNameAttribute=<default>
FilterForSearchingGroups=(|(objectclass=groupOfNames)(objectclass=group))
FilterForSearchingPersons=objectclass=person
UIDAttributeName=uid
UseADGlobalCatalog=0
[UMS LDAP Active Directory]
DistinguishedNameAttribute=dn
CommonNameAttribute=cn
EmailAttribute=mail
MemberAttribute=member
DescriptionAttribute=description
PersonFullNameAttribute=<default>
FilterForSearchingGroups=objectclass=group
FilterForSearchingPersons=objectclass=person
UIDAttributeName=cn
UseADGlobalCatalog=1
