Using Indirect LDAP authentication in Talend MDM 6.0 and onward - 6.3

How to configure Talend MDM with LDAP authentication if LdapDirect is set to false

Version: 6.3
Task: Installation and Upgrade
Platform: Talend MDM Server

Procedure

  1. Open an LDAP connection and make sure that LDAP users exist under the LDAP server repository tree.

    In this example, Apache Directory Studio is used as the LDAP browser and editor. There are two users, administrator and john, under ou=talend, dc=example, dc=com.

  2. Open the file jaas_ldap.conf under the directory <$INSTALLDIR>\conf, where INSTALLDIR indicates your Talend MDM installation directory.
  3. Make the changes required for the LDAP authentication in the configuration file.
    MDM {
      com.amalto.core.server.security.jaas.LDAPLoginModule sufficient
      useFirstPass=false
      java.naming.factory.initial="com.sun.jndi.ldap.LdapCtxFactory"
      java.naming.security.authentication="simple"
      java.naming.provider.url="ldap://localhost:10389"
      LdapDirect=false
      LdapAdminDN="uid=admin,ou=system"
      LdapAdminPassword=secret
      searchBase="ou=talend,dc=example,dc=com"
      searchFilter="(&(objectClass=*)&(cn={0}))";
    };
    TDSC {
      com.amalto.core.server.security.jaas.LDAPLoginModule sufficient
      useFirstPass=false
      java.naming.factory.initial="com.sun.jndi.ldap.LdapCtxFactory"
      java.naming.security.authentication="simple"
      java.naming.provider.url="ldap://localhost:10389"
      LdapDirect=false
      LdapAdminDN="uid=admin,ou=system"
      LdapAdminPassword=secret
      searchBase="ou=talend,dc=example,dc=com"
      searchFilter="(&(objectClass=*)&(cn={0}))";
    };
  4. After the configuration is done, save the file jaas_ldap.conf and rename it to jaas.conf. If needed, make a backup copy of the original jaas_ldap.conf file first.
  5. Restart the Talend MDM Server for the configuration to take effect.
  6. In Talend Studio, add the two LDAP users, administrator and john, to the PROVISIONING database.
  7. Log in to Talend MDM Web UI as an LDAP authorized user, and check that the user login is successful.

    For example, enter administrator/12345 (which are the uid/password in LDAP).
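
The entries in step 3 use simple authentication over a plain ldap:// URL and keep the search account's password in the file. The following Python script is an added example, not part of the Talend documentation or product: it parses JAAS entries in the format shown above and reports those settings before the file is renamed to jaas.conf. The function name audit and the wording of the findings are assumptions made here.

```python
import re
from urllib.parse import urlparse

# Constructed sample: the MDM entry from step 3 of this page.
SAMPLE = """
MDM {
  com.amalto.core.server.security.jaas.LDAPLoginModule sufficient
  useFirstPass=false
  java.naming.factory.initial="com.sun.jndi.ldap.LdapCtxFactory"
  java.naming.security.authentication="simple"
  java.naming.provider.url="ldap://localhost:10389"
  LdapDirect=false
  LdapAdminDN="uid=admin,ou=system"
  LdapAdminPassword=secret
  searchBase="ou=talend,dc=example,dc=com"
  searchFilter="(&(objectClass=*)&(cn={0}))";
};
"""

# An entry is `Name { ... };` closed on its own line, so the braces in "{0}" do not end it.
ENTRY = re.compile(r"^\s*(\w+)\s*\{(.*?)^\s*\};", re.S | re.M)
# key=value, where the value is either quoted or a bare token.
OPTION = re.compile(r'([\w.]+)\s*=\s*("[^"]*"|[^\s;]+)')

def audit(text):
    """Return {entry name: [findings]} for every JAAS entry in text."""
    report = {}
    for name, body in ENTRY.findall(text):
        opts = {k: v.strip('"') for k, v in OPTION.findall(body)}
        findings = []
        scheme = urlparse(opts.get("java.naming.provider.url", "")).scheme
        if scheme == "ldap" and opts.get("java.naming.security.authentication") == "simple":
            findings.append("simple bind over ldap:// sends passwords unencrypted; use an ldaps:// URL")
        if opts.get("LdapDirect") == "false" and opts.get("LdapAdminPassword"):
            findings.append("LdapAdminPassword is stored in clear text; restrict who can read this file")
        if (opts.get("LdapAdminDN", "").lower(), opts.get("LdapAdminPassword")) == ("uid=admin,ou=system", "secret"):
            findings.append("LdapAdminDN/LdapAdminPassword are the ApacheDS default administrator; "
                            "use a dedicated read-only search account")
        report[name] = findings
    return report

if __name__ == "__main__":
    for entry, findings in audit(SAMPLE).items():
        for finding in findings:
            print(f"{entry}: {finding}")
```

To check a real installation, pass the contents of the edited jaas_ldap.conf to audit() instead of SAMPLE.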