LDAP Configuration
Configuring LDAP as an entry method to the eBA System.
- Server settings
- Configuring with the eBA Configuration Tool
- Setting up IIS
- Matching eBA users with LDAP users
- Testing and troubleshooting
1. Server settings
The server where eBA is installed should be able to access the server where LDAP is located on the network. The server must be domained.
2. Configuring with the eBA Configuration Tool
The eBA Configuration Tool is run from the path [eBA Installation Directory]\ConfigServer\eBAServerConfigTool.exe. After the program runs, the following screen can be accessed by selecting the Security tab.
The following features should be selected on this screen.
Authentication Mode : custom Authentication Type : LDAP
If users are going to use only LDAP usernames when logging in, it should be LoginMode : external.
If they are going to use both the eBA username password and the LDAP username password, it should be mixed or if they are going to use the password in LDAP, the username in the eba should be internal.
If the user names in eBA and the usernames in LDAP are the same, ExternalUserMatch : equal.
If they are not the same, they must be matched. How to do this is explained in the step [4. Matching eBA users to LDAP users](### 4. Matching eBA users to LDAP users).
The domain path should be able to query the users who will enter the system. Otherwise, authentication cannot be done. This domain must be selected from the default domain selection box.
If there is more than one domain, the Allow Multiple Domain Entry selection box should be checked. Thus, more than one domain can be entered.
If the Allow Multiple Domain Entry selection box is unchecked and more than one domain is already registered, the program will wait for the user's approval to delete all domain names and paths except the Default Domain.
The Domain Path can be tested by pressing the Test button. The following screen can be accessed by pressing the test button.
On this screen, values such as Domain Name and Domain Path are automatically obtained from the relevant fields. The domain path entered can be checked by filling in the Username and Password fields.
In order to detect these settings, it is necessary to go to the Services tab and start and stop the eBAServer service.
3. Setting up IIS
Under Control Panel->Administrative Tools->Internet Information Services, eba.net application properties should be entered. Features View, Authentication is double-clicked.
Anonymous access must be selected in the incoming window (Enabled). Windows authentication at the bottom should not be selected (Disabled***).
Click on the eba.net application Content View and find the WindowsAuthentication.aspx* file from the list on the right and enter the **Features View*** properties.
Authentication is double-clicked. Anonymous authentication should not be selected in the window that appears (Disabled). Windows authentication at the bottom must be selected. (Enabled)
4. Matching eBA users with LDAP users
If eBA users and LDAP users are not the same, matching is necessary. In this way, it can be understood which user each user in LDAP corresponds to in eBA.
For pairing definitions, it is necessary to add the ExternalUsername definition to the user definitions.
After entering the eBA System Manager, the Organization Management->Property Definitions->Properties menu opens.
If there is no ExternalUsername in Property Definitions, click the Add New Property Definition button and select Name: ExternalUsername, Title: ExternalUsername, Type: Text and press OK.
If there is no ExternalUsername among the User Properties, click on Add New Property***.
Click on ExternalUsername from the Property Definitions*** list. This feature is thus added to the User Properties.