Download the configuration guide here (347.3 KB).
- To encrypt your passwords, do refer to the following support entry:
Encrypting using Ambience/Repertoire 202x
To enable users to be authenticated by LDAP:
- In your etc\application.conf file, ensure that “simple-sso” is set to false and “ldap-sso” is set to true.
# choose either simple-sso (default) or ldap-sso or federated-sso
ambience.modules.simple-sso.enabled = false
ambience.modules.ldap-sso.enabled = true
ambience.modules.federated-sso.enabled = false
Note: Set federated-sso to True if you want to enable both local and LDAPS authentication simultaneously.
- Modify the following contents in etc/application.conf accordingly to the LDAP server, e.g.
# only used if module ldap-sso is selected above
ambience.ldap-sso {
cxtFactory = "com.sun.jndi.ldap.LdapCtxFactory"
host = "localhost"
port = 10389
protocol = "default"
method = "simple"
users = "ou=amb_users,DC=elixir,DC=com,DC=sg"
uidAttribute = "sAMAccountName"
mailAttribute = "userPrincipalName"
connectTimeout = 10 seconds
readTimeout = 10 seconds
bind {
user = "CN=xx,CN=xx,DC=xx,DC=xx,DC=xx"
password = "{enc:elx-2.0}xxx"
}
groups {
enabled = true
root = "OU=xx,DC=xx,DC=xx,DC=xx"
filter = "member=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx"
gidAttribute = "sAMAccountName"
}
}