Setting up an LDAP(S) protocol - 7.3

Talend Administration Center User Guide

EnrichVersion
7.3
EnrichProdName
Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
EnrichPlatform
Talend Administration Center
task
Administration and Monitoring

About this task

If you use an LDAP or LDAPS directory to list your resources, in particular your personnel, you can use this directory to authenticate the Administration Center users. For more information on how to configure the keystore for LDAPS, see Configuring LDAP(S) for Talend Administration Center.

Procedure

  1. On the Menu, click Configuration and then click the LDAP group to display the parameters.
    Note that the data displayed in the capture below is used as an example, and that the field values must correspond to the values defined in your LDAP configuration.

    Example

  2. Set the parameters as the following:

    Parameter

    Value

    UseLDAPAuthentication

    Select true to activate LDAP authentication or false to deactivate it from the drop-down list.

    Enable LDAPS

    Select true to activate LDAP over SSL (LDAPS) authentication or false to deactivate it from the drop-down list.

    Host

    Type in the IP address and the host of the LDAP server.

    Port

    Type in the port of the LDAP server.

    Ldap principal DN prefix

    Type in the login of the user who has the right to search on the specified root or branch.

    Admin password

    Type in the password of the user who has the right to search on the specified root or branch.

    Login field

    Type in the name of the attribute representing the data that corresponds to the user's login.

    The name must correspond to one of the LDAP fields defined in your LDAP configuration and the value must not be empty.

    Email field

    Type in the name of the attribute representing the data that corresponds to the user's Email.

    The name must correspond to one of the LDAP fields defined in your LDAP configuration and the value must not be empty.

    Firstname field

    Type in the name of the attribute representing the data that corresponds to the user's Firstname.

    The name must correspond to one of the LDAP fields defined in your LDAP configuration and the value must not be empty.

    Lastname field

    Type in the name of the attribute representing the data that corresponds to the user's Lastname.

    The name must correspond to one of the LDAP fields defined in your LDAP configuration and the value must not be empty.

    Use LDAP login/password

    Select true so that Talend Administration Center credentials are used to login to SVN/Git. In this case, Talend Studio checks user credentials directly against the LDAP.

    When setting the option to false, the previously defined mappings in the fields below are not cleared.

    SvnLogin field /

    GitLogin field

    Type in name of the attribute representing the data that corresponds to the user's SVN or GIT login. This field must correspond to the field defined in your LDAP configuration.

    If you use the LDAP system to handle the SVN and Git credentials, the recommended way is to edit these credentials through LDAP and not through the Users page as Talend Administration Center will automatically retrieve the changes done on these credentials.

    SvnPassword field /

    GitPassword field

    Type in name of the attribute representing the data that corresponds to the user's SVN or GIT password. This field must correspond to the field defined in your LDAP configuration.

    If you use the LDAP system to handle the SVN and Git credentials, the recommended way is to edit these credentials through LDAP and not through the Users page as Talend Administration Center will automatically retrieve the changes done on these credentials.

    For more information on how to manage encryption of the SVN password in LDAP for Talend Administration Center, see the documentation on Managing password encryption/decryption in Talend Administration Center.

    Once the LDAP authentication is activated, the creation of the user account in the Users page is modified. From now on, only the Distinguished name is required as the other information about the user is retrieved from the LDAP directory. This way, user's login and password used to connect to Talend Administration Center or to Talend Studio are those defined in the LDAP directory.