LDAP Setup and Configuration of LDAP, Tomcat, and RTView
LDAP Configuration
1) Modify <location>/ldap.properties
              sl.rtvapm.security.ldap=admin
              # Admin DN (this is the DN from Pre-req #2)
              sl.rtvapm.security.ldap.admin.dn=cn=admin,ou=People,dc=sl,dc=com
              # Domain to search for users (from Pre-req #3)
              sl.rtvapm.security.ldap.user.domain=dc=sl,dc=com
              # Query used to find the user (from Pre-req #5)
              sl.rtvapm.security.ldap.user.query=(&(objectClass=*)(uid={user}))
              # Attribute holding the distinguished name used, with the password, to log in
              sl.rtvapm.security.ldap.user.dn.attribute=distinguishedName
              # LDAP connect string, SSL
              #sl.rtvapm.security.ldap.connect=LDAPS://localhost:50001
              # LDAP connect string, non-SSL (from Pre-req #1)
              sl.rtvapm.security.ldap.connect=LDAP://localhost:50000
              # Only used for user-based LDAP: string to use when logging in as a user without a query
              sl.rtvapm.security.ldap.authstring=cn={user},ou=people,dc=sl,dc=com
              # Context factory used for both the admin and user login
              sl.rtvapm.security.ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
              # Auth type for both admin and user login
              sl.rtvapm.security.ldap.authtype=simple
              sl.rtvapm.security.ldap.xml=c:/0/TechSupport/Extensions/LDAPIntegration/ldapUser/ldap.xml
              sl.rtvapm.security.verbose=true
              com.sun.jndi.ldap.read.timeout=2000
              com.sun.jndi.ldap.connect.timeout=2000
              sl.rtvapm.security.useCache=false
              sl.rtvapm.security.cacheTimeout=60000
2) Update the ldap and rtview admin passwords (from Pre-req #2)
              chmod 777 updatePassword.sh
              ./updatePassword.sh ldap <ldap process account password> -newKey
              ./updatePassword.sh rtview <RTView Admin password>
3) Update ldap.xml (from Pre-req #4)
              This requires the list of LDAP Roles (distinguishedName) that will map to the RTView Roles.
              Example:
              <?xml version="1.0"?>
              <users xmlns="www.sl.com" >
              <sl-role>
                             <name>super</name>
                             <ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>
              </sl-role>
              <sl-role>
                             <name>admin</name>
                             <ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>
              </sl-role>
              <sl-role>
                             <name>demo</name>
                             <ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>
              </sl-role>
              <sl-role>
                             <name>read</name>
                             <ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role>
              </sl-role>
              </users>
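
A pre-deployment check for the two files edited above, added here as an example (it is not part of the RTView product or the original page). It flags notes left after a property value, a simple bind over a non-SSL connect string, and ldap-role entries still holding the placeholder; the function names and sample inputs are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"sl": "www.sl.com"}  # default namespace used by the page's ldap.xml
PREFIX = "sl.rtvapm.security.ldap."

def parse_properties(text):  # minimal reader: key=value lines; '#'/'!' comment lines skipped
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def check_properties(props):
    findings = []
    for key, value in props.items():
        # A note pasted after a value, "x (note)", becomes part of the value.
        if re.search(r"\s\([^()]*\)$", value):
            findings.append(f"{key}: trailing annotation is part of the value")
    connect = props.get(PREFIX + "connect", "").lower()
    authtype = props.get(PREFIX + "authtype", "").split(" ")[0]
    if connect.startswith("ldap://") and authtype == "simple":
        findings.append(PREFIX + "connect: simple bind over non-SSL LDAP sends the password unencrypted")
    return findings

def check_role_map(xml_text):
    findings = []
    for role in ET.fromstring(xml_text.strip()).findall("sl:sl-role", NS):
        name = role.findtext("sl:name", default="?", namespaces=NS)
        dn = (role.findtext("sl:ldap-role", default="", namespaces=NS) or "").strip()
        if not dn or dn.upper().startswith("INSERT THE"):
            findings.append(f"sl-role {name}: ldap-role is still a placeholder")
    return findings

# Constructed sample input, modelled on the settings shown above.
SAMPLE_PROPS = """\
sl.rtvapm.security.ldap.user.domain=dc=sl,dc=com (Domain to search for users)
sl.rtvapm.security.ldap.user.query=(&(objectClass=*)(uid={user}))
sl.rtvapm.security.ldap.connect=LDAP://localhost:50000
sl.rtvapm.security.ldap.authtype=simple
"""
SAMPLE_XML = """<?xml version="1.0"?><users xmlns="www.sl.com">
<sl-role><name>admin</name><ldap-role>cn=rtvadmins,ou=Groups,dc=sl,dc=com</ldap-role></sl-role>
<sl-role><name>read</name><ldap-role>INSERT THE DISTINGUISHEDNAME FOR THE LDAP ROLE HERE</ldap-role></sl-role>
</users>"""

if __name__ == "__main__":
    print("\n".join(check_properties(parse_properties(SAMPLE_PROPS)) + check_role_map(SAMPLE_XML)))
```
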
Tomcat Configuration
1) Copy ldapUser.jar to $CATALINA_HOME\lib
2) For Tomcat, update $CATALINA_HOME\conf\catalina.properties with:
              com.sl.security.ldap.property.file=<location>/ldap.properties
3) Update $CATALINA_HOME\conf\server.xml
              <Realm className="com.sl.custom.SLTomcatLDAPRealm"
                     resourceName="RTView" />
4) Modify setup.js (add the following and remove the rtvuser:rtvuser line).
              rtv.dac.setGlobalVars({'rtv.dac.defReqMode': 'xhr'});
RTView Classic Configuration
DisplayServer Installation (5.x)
1) Modify the display server entry in rtvservers.dat, adding -customUserManagerClassName:com.sl.custom.LDAPUserManager
              central                .             DisplayServer1  rundisp -propfilter:ConfigClient -propfilter:AlertClient -propfilter:DisplayServer1 -customUserManagerClassName:com.sl.custom.LDAPUserManager
2) Modify central.properties, adding the following lines.
              DisplayServer1.sl.rtview.cp=<location>/ldapUser.jar
              DisplayServer1.sl.rtview.jvm=-Dcom.sl.security.ldap.property.file=<location>/ldap.properties
3) If using SSL, add the Java SSL truststore and password system properties to central.properties (from Pre-req #6)
              DisplayServer1.sl.rtview.jvm=-Djavax.net.ssl.trustStore=/0/ssl/myTrustStore
              DisplayServer1.sl.rtview.jvm=-Djavax.net.ssl.trustStorePassword=CHANGEIT
5) Restart the Central DisplayServer.
              ./stop_servers.sh
              ./start_servers.sh
6) The Classic install is now completely configured and can be tested by logging in with an LDAP user name and password at the RTView login page.