« 返回到 LDAP

LDAP with AD

Introduction #

This is an example of a basic LDAP integration in Liferay 5.2. In the example we import users into Liferay via LDAP.

Environment #

System Notes://
Windows Server 2003, Active Directory
Liferay 5.2 SP3

Steps #

1. First, create your users in Active Directory (or its equivalent). Make sure to give essential information such as email, as we'll be authenticating users with email addresses.

2. To go into the LDAP settings, go to Control Panel->Settings. Under Configuration, click Authentication->LDAP.

To enable LDAP, check "Enable", simple enough.
Under Import/Export, check "Import Enabled". When checked, Liferay will periodically synchronize with LDAP. The interval Liferay does this can be changed in your portal-ext.properties.

"Import on Startup Enabled" should be self-explanatory.

We'll leave "Export Enabled" unchecked.

3. Now then, click "Add" to add your LDAP Server.
Type in the name of your LDAP Server at the top
You'll notice that there is a radio button list of default choices; clicking these will help you fill out your default values if you haven't deviated from the default values much.

Set your values accordingly.
I set my values as such
Now test your connection to see if it validates.

4. For your Users field, I left these mostly default, except for the Email Address field. I changed this to "mail", since the default value will make it the username plus the domain name.
If you wish to change how users login (Ex. Login with screen name), then change the settings in theAuthentication Search Filter field.

5. Fill out the rest of the form accordingly, then click Save. Please note that only users with Screen Name, Password, Email Address, First Name, and Last Name will be imported.

Now, if you checked "Import on Startup Enabled", then restart your App Server. Log back in, go the Control Panel->Users and viola! Your imported Users will be there!


FAQ**#

Q. Can I import LDAP users from multiple domains?
A. Yes, but only if you have 5.2EE SP3 and up, since previous versions can only support a single LDAP server setting at a time.
However, you cannot import a user's profile information from multiple domains in a single query (ex. Import a user's name from Domain A and email from Domain B), it must all be imported from a single domain.

12 附件
61616 查看
平均 (2 票)
满分为 5,平均得分为 5.0。
评论