Configure Ambience/Repertoire 202x Server to use LDAP Authentication

Download the configuration guide here (347.3 KB).

To enable users to be authenticated by LDAP:

  1. In your etc\application.conf file, ensure that “simple-sso” is set to false and “ldap-sso” is set to true.
# choose either simple-sso (default) or ldap-sso or federated-sso
ambience.modules.simple-sso.enabled = false
ambience.modules.ldap-sso.enabled = true
ambience.modules.federated-sso.enabled = false

Note: Set federated-sso to True if you want to enable both local and LDAPS authentication simultaneously.

  1. Modify the following contents in etc/application.conf accordingly to the LDAP server, e.g.
# only used if module ldap-sso is selected above
ambience.ldap-sso {
	cxtFactory = "com.sun.jndi.ldap.LdapCtxFactory"
	host = "localhost"
	port = 10389
	protocol = "default"
	method = "simple"
	users = "ou=amb_users,DC=elixir,DC=com,DC=sg"
	uidAttribute = "sAMAccountName"
	mailAttribute = "userPrincipalName"
	connectTimeout = 10 seconds
	readTimeout = 10 seconds
	
	bind {
		user = "CN=xx,CN=xx,DC=xx,DC=xx,DC=xx"
		password = "{enc:elx-2.0}xxx"
	}

	groups {
		enabled = true
		root = "OU=xx,DC=xx,DC=xx,DC=xx"
		filter = "member=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx"
		gidAttribute = "sAMAccountName"		
	}
}