A user has a DMA running on Windows Server 2016 that is not part of a domain - Windows Domain or Active Directory is not being used. User is interested to use only OpenLDAP via LDAP to manage users (i.e.: to add users, add users via adding groups, authenticate users, manage passwords, etc).
The version of DMA is 10.1.7. I would like to clarify if DMA 10.1.7 supports user management/authentication based upon the above scenario.
PS: Initial testing against an OpenLDAP server after consulting DataMiner Help indicates:
1) Ability to query users and add users from OpenLDAP, however attempting to login using the added user is unsuccessful.
2) Ability to query groups and add groups, however the users within the groups are not added.
Hi,
I found some general config information that seems relevant to the situation you are facing:
Can you check your DataMiner.xml settings as follows:
In the <LDAP> tag: set referralConfigured="false" . This is to make sure DataMiner reads out the users in the correct way from openLDAP.
When creating a group on openLDAP, make sure it is a group with objectClass = groupOfNames. GroupOfNames defines its members with the “member” attribute, which is used in DataMiner to read out users.
Make sure you use <Filter>(objectClass=groupOfNames)</Filter> as part of your Group settings in DataMiner.xml.
I believe this is all covered in the following help topic:https://help.dataminer.services/dataminer/#t=DataMinerUserGuidepart_3securityConfiguring_LDAP_settings.htm&rhsearch=openldap&rhhlterm=openldap&rhsyns=