Manage LDAP users

Talend Big Data Platform Installation Guide for Linux

EnrichVersion
6.5
EnrichProdName
Talend Big Data Platform
task
Installation and Upgrade
EnrichPlatform
Talend JobServer
Talend Identity and Access Management
Talend Data Preparation
Talend SAP RFC Server
Talend Studio
Talend Log Server
Talend CommandLine
Talend Installer
Talend Activity Monitoring Console
Talend Runtime
Talend Data Stewardship
Talend Administration Center
Talend Artifact Repository
Talend DQ Portal
Talend Repository Manager
  1. Edit the file <TomcatPath>/webapps/tdqportal/WEB-INF/conf/webapp/ldap_authorizations.xml and modify the LDAP parameters of your LDAP server.
    Attribute Name Description
    HOST LDAP server host name.
    PORT LDAP server port.
    ADMIN_USER LDAP server administrator user name.
    ADMIN_PSW LDAP server administrator password.
    BASE_DN LDAP server base domain.
    USER_SEARCH_PATH Node under which Talend DQ Portal looks for users.
    USER_OBJECT_CLASS objectClass corresponding to the user.
    USER_ID_ATTRIBUTE_NAME Name of the attribute containing the user identifier.
    USER_NAME_ATTRIBUTE_NAME Name of the attribute containing the user name.
    SUPER_ADMIN_ATTRIBUTE_NAME Name of the attribute containing the administrator information.

    This attribute must match the USER_ATTRIBUTE name="superAdmin" one.

    USER_MEMBEROF_ATTRIBUTE_NAME This attribute must match the USER_ATTRIBUTE name="memberOf" one.
    USER_ATTRIBUTE User attributes to be loaded when querying the LDAP server.
    GROUP_SEARCH_PATH Node under which Talend DQ Portal looks for groups.
    GROUP_OBJECT_CLASS objectClass corresponding to the group.
    GROUP_ID_ATTRIBUTE_NAME Name of the attribute containing the group identifier.
    GROUP_ATTRIBUTE Group attributes to be loaded when querying the LDAP server.
    ACCESS_GROUP_NAME If specified, users must belong to this group in order to access Talend DQ Portal.
    GROUP_MEMBERS_ATTRIBUTE_NAME If the ACCESS_GROUP_NAME attribute is specified, this attribute has to contain the list of users belonging to this group.
  2. Click the button and, in the menu that opens, click Users Management to check the users and roles.
  3. Add users using the LDIF File template.

    For example, we consider DN as ou=People,dc=talend,dc=com and group of users as ou=/spagobi/talend/tdq_user.

    To add a group of users, use the following LDIF template:

    dn: ou=Group,dc=talend,dc=com
    objectClass: top
    objectClass: organizationalUnit
    ou: Group
    
    dn: ou=/spagobi/admin,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/admin
    ou: /spagobi/admin
    
    dn: ou=/spagobi/dev,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/dev
    ou: /spagobi/dev
    
    dn: ou=/spagobi/test,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/test
    ou: /spagobi/test
    
    dn: ou=/spagobi/user,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/user
    ou: /spagobi/user
    
    dn: ou=/spagobi/talend/tdquser,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/talend/tdquser
    ou: /spagobi/talend/tdquser

    To add a group of users, use the following LDIF template:

    dn: ou=Group,dc=talend,dc=com
    objectClass: top
    objectClass: organizationalUnit
    ou: Group
    
    dn: ou=/spagobi/admin,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/admin
    ou: /spagobi/admin
    
    dn: ou=/spagobi/dev,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/dev
    ou: /spagobi/dev
    
    dn: ou=/spagobi/test,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/test
    ou: /spagobi/test
    
    dn: ou=/spagobi/user,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/user
    ou: /spagobi/user
    
    dn: ou=/spagobi/talend/tdquser,ou=Group,dc=talend,dc=com
    objectClass: organizationalUnit
    objectClass: top
    description: /spagobi/talend/tdquser
    ou: /spagobi/talend/tdquser
  4. Load the LDIF data into the LDAP directory server.