Configuring LDAP server to connect with OpenAM
This guide applies to most LDAP servers.
Please replace every occurrence of federation.ga with your OpenAM domain.
Prerequisites:
- Tomcat 7
- OpenAM
- LDAP Server
If you have not yet installed OpenAM, please follow this guide: Installing OpenAM
Log in to the OpenAM web admin:
- Set up an identity provider: go to "Access Control".
- Click on "/ (Top Level Realm)"
- Go to "Authentication" tab.
- Create a new module instance
- Create an LDAP module (in this example we use "OpenLDAP" as the name).
- Click on the generated module in the "Module instances" section
- Fill in all your LDAP parameters; an example is attached
- Save the form and click on "Back to authentication"
- On authentication tab click on "Core" > "All core settings"
- Change "User profile" to "Dynamic" and Save
- To sync user creation and password resets, the LDAP server must also be configured as a Data Store, so click on "Data Stores"
- Click on new
- Type a name and select "Generic LDAPv3"
- Configure your LDAP settings
- Click on Finish
- The configuration is ready. Make sure your LDAP users have a uid attribute equal to their username in Google Apps, and a mail value equal to the user's full email.
- Test the configuration by going to:
- http://openam.federation.ga:8080/openam/UI/Login?realm=/&module=OpenLDAP
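To check the uid/mail requirement from the last configuration step before testing the login, the following added example (not part of the original guide) parses an LDIF export of the user branch and reports the entries that would not match. It assumes the full email is "<uid>@<domain>"; the function names and the sample entries are constructed for illustration.

```python
import base64

# Constructed sample LDIF export (not from the original page); values are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=federation,dc=ga
uid:: YWxpY2U=
mail: alice@federa
 tion.ga

dn: uid=bob,ou=people,dc=federation,dc=ga
uid: bob
mail: robert@federation.ga

dn: uid=carol,ou=people,dc=federation,dc=ga
uid: carol
"""

def parse_ldif(text):
    # Returns a list of entries: lowercased attribute name -> list of values.
    entries, current = [], {}
    for line in text.replace("\n ", "").splitlines() + [""]:  # unfold folded lines
        if line.startswith("#"):
            continue
        if not line.strip():  # a blank line ends an entry
            if "dn" in current:  # skips blocks without a dn, e.g. "version: 1"
                entries.append(current)
            current = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def check_users(entries, domain):
    # Returns {dn: [problems]}; assumes the full email is "<uid>@<domain>".
    problems = {}
    for e in entries:
        uid, mail = e.get("uid", [""])[0], e.get("mail", [""])[0]
        issues = [f"missing {a}" for a, v in (("uid", uid), ("mail", mail)) if not v]
        if uid and mail and mail.lower() != f"{uid}@{domain}".lower():
            issues.append(f"mail {mail} does not equal {uid}@{domain}")
        if issues:
            problems[e["dn"][0]] = issues
    return problems

if __name__ == "__main__":
    for dn, issues in check_users(parse_ldif(SAMPLE_LDIF), "federation.ga").items():
        print(dn, "->", "; ".join(issues))
```

An empty result means every exported user has a uid and a matching mail value.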