This is a step-by-step guide to configuring AD Synchronization (Cache Refresh) in Gluu Server.
There is documentation available here, but I find it too generic and, at times, confusing. Far too wordy, with few graphical illustrations.
Step 1: Source Backend LDAP Servers
Click on "Add source LDAP server"
Fill in the details for the backend MS AD server
Appears at the top right of the screen when "Test LDAP Connection" is clicked
Step 2: Customer Backend Key/Attributes
(This is the screen that I have the most opinions on. Why use "Customer", not "Source"? Why "Source" Attribute? How about the rest? They are not from "Source"? It's not consistent.)
Take note that the above should reflect how a Person object is to be fetched from MS AD
Step 3: Cache Refresh
Make sure "Keep external persons" is enabled
As documented, "This will allow your default user 'admin' to log into Gluu Server after initial Cache Refresh iteration. If you do not enable 'Keep External Person', your 'admin' user including all other test users will be gone after first Cache Refresh iteration."
The left column refers to Source; the right column refers to Destination
Make sure "Cache Refresh" is enabled
Step 4: Manage LDAP Authentication
Remember this diagram from the previous post?
What we have done so far is for (2) to work.
For (3) to work, we need to navigate to Configuration > Manage Authentication. Scroll to the bottom of the page, click on "Add source LDAP server".
Add the MS AD details. Click "Test LDAP Connection" to ensure the connection is OK
Done.
Hello
I have one doubt. How is the AD authentication taking place without a password?
Today I have configured the Gluu Server, but while configuring I am getting "Failed to connect ldap server".
Any help will be appreciated.