LDAP Setup and Configuration of LDAP, Tomcat, and RTView

LDAP Configuration

1) Modify <location>/ldap.properties

sl.rtvapm.security.ldap=admin

sl.rtvapm.security.ldap.admin.dn=cn=admin,ou=People,dc=sl,dc=com (This is the DN from Pre-req #2)

sl.rtvapm.security.ldap.user.domain=dc=sl,dc=com (Domain to search for users. From Pre-req #3)

sl.rtvapm.security.ldap.user.query=(&(objectClass=*)(uid={user})) (the Query to find the user, from Pre-req #5)

sl.rtvapm.security.ldap.user.dn.attribute=distinguishedName (The attribute to find the Distinguishing name to login with the password)

#sl.rtvapm.security.ldap.connect=LDAPS://localhost:50001 (LDAP Connect String SSL)

sl.rtvapm.security.ldap.connect=LDAP://localhost:50000 (LDAP Connect String non-SSL, from Pre-req #1)

sl.rtvapm.security.ldap.authstring=cn={user},ou=people,dc=sl,dc=com (only used for user based LDAP. String to use when logging in as a user without query)

sl.rtvapm.security.ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory (The context factory used for both the Admin and User login)

sl.rtvapm.security.ldap.authtype=simple (The authtype for both Admin and user login)

sl.rtvapm.security.ldap.xml=c:/0/TechSupport/Extensions/LDAPIntegration/ldapUser/ldap.xml

sl.rtvapm.security.verbose=true

com.sun.jndi.ldap.read.timeout=2000

com.sun.jndi.ldap.connect.timeout=2000

sl.rtvapm.security.useCache=false

sl.rtvapm.security.cacheTimeout=60000

2) Update ldap and rtview admin passwords (from Pre-req #2)

Chmod 777 updatePassword.sh

./updatePassword.sh ldap <ldap process account password> -newKey

./updatePassword.sh rtview <RTView Admin password>

3) Update ldap.xml (from Pre-req #4)

This requires the list of LDAP Roles (distinghishingName) that will map to the RTView Roles.

Example:

<?xml version="1.0"?>

<sl-role>

<name>super</name>

<ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>

</sl-role>

<sl-role>

<name>admin</name>

<ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>

</sl-role>

<sl-role>

<ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>

</sl-role>

<sl-role>

<ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>

</sl-role>

</users>

Tomcat Configuration

1) Copy the ldapUser.jar to the $Catalina_home\lib

2) For Tomcat update $CATALINA_HOME\conf\Catalina.properties with :

com.sl.security.ldap.property.file=<location>/ldap.properties

3) update $Catalina_home\conf\server.xml

<Realm className="com.sl.custom.SLTomcatLDAPRealm"

resourceName="RTView" />

4) modify setup.js (add the following and remove the rtvuser:rtvuser line.)

rtv.dac.setGlobalVars({'rtv.dac.defReqMode': 'xhr'});

RTView Classic Configuration

DisplayServer Installation (5.x)

1) Modify the rtvservers.dat display server with -customUserManagerClassName:com.sl.custom.LDAPUserManager

central . DisplayServer1 rundisp -propfilter:ConfigClient -propfilter:AlertClient -propfilter:DisplayServer1 -customUserManagerClassName:com.sl.custom.LDAPUserManager

2) Modify central.properties add the following lines.

DisplayServer1.sl.rtview.cp=<location>/ldapUser.jar

DisplayServer1.sl.rtview.jvm=-Dcom.sl.security.ldap.property.file=<location>/ldap.properties

3) IF SSL, In Central.properties add the Java SSL truststore and password system properties (From Pre-req #6)

DisplayServer1.sl.rtview.jvm=-Djavax.net.ssl.trustStore=/0/ssl/myTrustStore

DisplayServer1.sl.rtview.jvm=-Djavax.net.ssl.trustStorePassword=CHANGEIT

5) Restart the Central DisplayServer.

./stop_servers.shf

./start_servers.sh

6) The Classic install is now complete configured and can be tested by using ldap user name and password at the RTView login page.

On this page:

Browser not supported