
Configuring LDAP server to connect with OpenAM


This guide applies to most LDAP servers.


Please replace every occurrence of federation.ga with your OpenAM domain.


Prerequisites:

  • Tomcat 7

  • OpenAM

  • LDAP Server



Instructions:
  • If you have not yet installed OpenAM, please follow this guide: Installing OpenAM

  • Log in to the OpenAM web admin.

  • To set up an identity provider, go to "Access Control".
  • Click on "/ (Top Level Realm)".
  • Go to the "Authentication" tab.
  • Create a new module instance.
  • Create an LDAP module (in this example we use "OpenLDAP" as the name).
  • Click on the generated module in the "Module instances" section.
  • Fill in all your LDAP parameters (an example is attached).

  • Save the form and click on "Back to authentication".
  • On the "Authentication" tab, click on "Core" > "All core settings".

  • Change "User profile" to "Dynamic" and save.
  • To sync user creation and password resets, the LDAP server must also be configured as a Data Store, so click on "Data Stores".
  • Click on "New".

  • Type a name and select "Generic LDAPv3".
  • Configure your LDAP settings.


  • Click on "Finish".

  • The configuration is ready. Just make sure that your LDAP users have the uid attribute set to their username in Google Apps and the mail value set to the user's full email address.
  • Test the configuration by going to:
  • http://openam.federation.ga:8080/openam/UI/Login?realm=/&module=OpenLDAP
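
A check for the uid/mail requirement above, added here as an example and not part of the original guide: it parses an LDIF export of the user entries and reports accounts whose uid and mail would not line up with a Google Apps address. The sample LDIF, the function names, and the rule that the full address is uid@domain are assumptions; the export is assumed to contain only user entries.

```python
import base64

# Constructed sample LDIF export (not from the original guide).
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=federation,dc=ga
uid: alice
mail: alice@federation.ga

dn: uid=bob,ou=people,dc=federation,dc=ga
uid: bob
mail: robert@federation.ga

dn: uid=carol,ou=people,dc=federation,dc=ga
uid: carol

dn: uid=dave,ou=people,dc=federation,dc=ga
uid: dave
mail:: ZGF2ZUBmZWRlcmF0aW9uLmdh
"""

def parse_ldif(text):
    """Return a list of entries, each a dict of lowercase attribute -> list of values."""
    entries, current = [], {}
    # A line starting with a single space continues the previous line (LDIF folding).
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for line in unfolded.split("\n") + [""]:
        if not line.strip():            # blank line ends the current entry
            if current:
                entries.append(current)
            current = {}
        elif not line.startswith("#"):  # skip comment lines
            attr, _, value = line.partition(":")
            if value.startswith(":"):   # "attr:: value" is base64-encoded
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def check_users(ldif_text, domain):
    """Return {dn: problem} for entries that would not map to uid@domain (assumed rule)."""
    problems = {}
    for entry in parse_ldif(ldif_text):
        if "dn" not in entry:           # e.g. the "version: 1" header block
            continue
        dn, uids, mails = entry["dn"][0], entry.get("uid", []), entry.get("mail", [])
        wanted = {f"{u}@{domain}".lower() for u in uids}
        if not uids:
            problems[dn] = "missing uid"
        elif not mails:
            problems[dn] = "missing mail"
        elif not wanted & {m.lower() for m in mails}:
            problems[dn] = "mail does not match uid@domain"
    return problems

if __name__ == "__main__":
    print(check_users(SAMPLE_LDIF, "federation.ga"))
```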