How to configure LDAP for authentication with Microsoft Active Directory

Article: HOWTO77752  |  Created: 2012-08-21  |  Updated: 2014-07-14
Article Type: How To

Changes to LDAP configuration variables take effect immediately; there is no need to restart the server once the LDAP configuration is set up. When LDAP is enabled, all user authentication is done via LDAP, except for superuser, which is always local to the cluster/appliance.

To gain access to a Clearwell cluster/appliance, the end user must also have a user account (and role) on Clearwell.

This process can be automated by using the esa.ldap.createUnknownUsers=true setting as described below.  

When LDAP is enabled, all Clearwell user password facilities are removed from the UI, except for superuser's ability to modify his own password.

An example LDAP configuration that works with an Active Directory server is as follows:

Step 1:

For specific values please contact your Active Directory administrator. 
These settings enable all Clearwell corporate accounts to have Case User access to all cases on your cluster. User names will be the Clearwell account names, like 'bloch'. 

Use System > Support Features > Property Browser to set up the following properties:

esa.ldap.userBase=ou=test Users,dc=corp,dc=local
esa.ldap.roleBase=ou=test Users,DC=corp,DC=local
esa.ldap.defaultRole=Case User

Then click 'Submit'.

Step 2:

Check the output of the authentication. If authentication fails, check the log file: "D:\CW\<version>\logs\catalina*.log"

Step 3:

If authentication succeeds, the system is now set up to use LDAP authentication.
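
Because the Step 1 settings give every account under esa.ldap.userBase the default role, it is worth reviewing which accounts that base covers. The PowerShell below is an added example, not part of the original article or the product's own tooling. It assumes the RSAT ActiveDirectory module, that Clearwell searches the whole subtree under esa.ldap.userBase, and a 90-day staleness threshold chosen for illustration.

```powershell
# Added example: list the AD accounts covered by esa.ldap.userBase and
# flag the ones to review before they receive esa.ldap.defaultRole.
Import-Module ActiveDirectory

# Values copied from Step 1 of the article
$userBase    = 'ou=test Users,dc=corp,dc=local'
$defaultRole = 'Case User'

# Assumption: staleness threshold for illustration only
$staleBefore = (Get-Date).AddDays(-90)

$query = @{
    SearchBase  = $userBase
    SearchScope = 'Subtree'      # assumption: Clearwell searches the full subtree
    Filter      = '*'
    Properties  = 'Enabled', 'LastLogonDate', 'PasswordNeverExpires'
}
$users = @(Get-ADUser @query)

'{0} account(s) under "{1}" would map to role "{2}"' -f $users.Count, $userBase, $defaultRole

# Disabled, never-used, stale, or non-expiring-password accounts
$users |
    Where-Object {
        -not $_.Enabled -or
        $_.PasswordNeverExpires -or
        -not $_.LastLogonDate -or
        $_.LastLogonDate -lt $staleBefore
    } |
    Sort-Object SamAccountName |
    Select-Object SamAccountName, Enabled, PasswordNeverExpires, LastLogonDate |
    Format-Table -AutoSize
```

If the list contains service or shared accounts, narrowing esa.ldap.userBase to a dedicated OU keeps them from receiving case access.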
