Hi,
I am using camunda with spring boot , Wanted to configure active directory as Identify provider. Can I get any lead on this?
Regards,
Subbu
Hi,
I am using camunda with spring boot , Wanted to configure active directory as Identify provider. Can I get any lead on this?
Regards,
Subbu
I can’t provide exact instructions, but I would have a look at the LDAP identity configuration of your application server for clues. In our environment our Active Directory servers also provide LDAP support and yours might do the same.
Hi @mppfor_manu,
Thank you very much for the reply. I am trying to connect to AD using the configuration class based on Webapp login via LDAP not working . Will test and will update.
Regards,
Subbu
I had a bit of trouble getting it working with Active Directory, but the key was to use an email address rather than a CN or DN for the mangerDn. Makes me think managerDn is misnamed, but it works. Here is an obsfucated copy of my config. This is similar to the Active Directory config I found elsewhere. I hope this helps.
<bean id="ldapIdentityProviderPlugin" class="org.camunda.bpm.identity.impl.ldap.plugin.LdapIdentityProviderPlugin">
<property name="serverUrl" value="ldap://ldapdchq.best.example.com:389/" />
<property name="managerDn" value="adminuser@best.example.com" />
<property name="managerPassword" value="didDinosaursUsePasswords?" />
<property name="baseDn" value="DC=best,DC=example,DC=com" />
<property name="userSearchBase" value="OU=Users,OU=Accounts" />
<property name="userSearchFilter" value="(objectclass=person)" />
<property name="userIdAttribute" value="sAMAccountName" />
<property name="userFirstnameAttribute" value="givenName" />
<property name="userLastnameAttribute" value="sn" />
<property name="userEmailAttribute" value="mail" />
<property name="userPasswordAttribute" value="userPassword" />
<property name="groupSearchBase" value="OU=SecurityGroups" />
<property name="groupSearchFilter" value="(objectclass=group)" />
<property name="groupIdAttribute" value="cn" />
<property name="groupNameAttribute" value="sAMAccountName" />
<property name="groupMemberAttribute" value="member" />
<property name="sortControlSupported" value="false" />
</bean>