細かい手順はFile Membership Domainと同じですので、<teiid-install>/membership-ldap.propertiesと細かい注意点のみです。
■<teiid-install>/membership-ldap.properties
ADのドメイン:ad.local
# Configuration file for LDAP membership domain activate=true # The class that implements the LDAP membership ldap.AuthDomainClass=com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain #Full LDAP URL (mandatory) ldapURL=ldap://localhost:389 #Bind account password for group lookup. ldapAdmin.password=<administrator's password> #The attribute(s) that uniquely identifies a user. #users.displayName.attribute = uid users.displayName.attribute = name #The search filter(s) to apply to each users root context. users.searchFilter=(objectclass=*) #Specifies the context(s) to use when searching for users.(mandatory) users.rootContext=cn=Users,dc=ad,dc=local #Bind account DN for group lookup. ldapAdmin.dn=cn=administrator,cn=Users,dc=ad,dc=local #Attribute(s) that appears on each user that identifies group membership. users.memberOf.attribute= #The attribute(s) that uniquely identifies a group. groups.displayName.attribute= #How far down the directory tree to search each users root context. users.searchScope=SUBTREE_SCOPE #Specifies the context(s) to use when searching for groups.(mandatory) groups.rootContext=cn=Groups,dc=ad,dc=local # Membership Domain Class Name AuthDomainClass=com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain #The search filter(s) to apply to each groups root context groups.searchFilter=(objectclass=*) #How far down the directory tree to search each groups root context. groups.searchScope=SUBTREE_SCOPE #Time to wait for LDAP operations to complete.(defaults to unlimited) #txnTimeoutInMillis= #The attribute(s) that contains the members of the group. groups.groupMember.attribute=
注意点としては、"users.displayName.attribute" が、AD の場合 uid ではダメで、name または cn としてください。
うまくいかないときは、<teiid-install>/deploy/log4j.xmlを編集するとヒントが出てくるかもしれません。
自分は、以下のようにしてみました。
<appender name="ASYNC" class="org.apache.log4j.AsyncAppender"> <appender-ref ref="FILE"/> <appender-ref ref="CONSOLE"/> </appender>
<!-- Console Appender --> <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender"> <param name="Target" value="System.out"/> <param name="Threshold" value="INFO"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d %p [%t] %c - %m%n"/> </layout> </appender> <!-- -->
<logger name="org.teiid"> <!-- level value="WARN" /--> <level value="INFO" /> </logger>
0 件のコメント:
コメントを投稿