On 14/02/13 11:30 AM, "David Nalley" <da...@gnsa.us> wrote:
>On Thu, Feb 14, 2013 at 12:51 AM, Pranav Saxena ><pranav.sax...@citrix.com> wrote: >> To configure LDAP , we need to pass in few multiple mandatory >>parameters - >> >> hostname Hostname or ip address of the ldap server eg: >>my.ldap.com >> queryfilter You specify a query filter here, which narrows down the >>users, who can be part of this domain. >> searchbase The search base defines the starting point for the >>search in the directory tree >> >> If you are referring to Global settings , that can be done but then >>we'll have to have three Ldap config parameters there . if that is a >>good design to handle this , then yes we can do that. Perhaps , the idea >>is to have a single dialog box where a user could supply three values >>and configure and debug them if something goes wrong. > > >Those are the mandatory API inputs for CloudStack. >But almost all environments will require username/password for binding >at a minimum, and you should probably, and prolly offer the SSL option >as well. Port should probably be an option too. > >Without at least bind creds, the API configuration is practically >useless on any modern LDAP server. > >--David The admin guide documents the LDAP API. SSL is supported. http://incubator.apache.org/cloudstack/docs/en-US/Apache_CloudStack/4.0.0-i ncubating/pdf/Admin_Guide/Apache_CloudStack-4.0.0-incubating-Admin_Guide-en -US.pdf Look for LDAP configuration. In short you have following config params: hostname searchbase queryfilter binddn bindpass port ssl truststore truststorepass response -abhi >
