LDAP connection

hi All,
I would like to know if there is a possible to connect CentraSite to LDAP, so the user won’t be register as a centraSite user but will authenticate as a domain user.
I’m asking that because for example if I have a user that has changed his role to something else in the firm and know he is not authorized to enter the CentraSite as an old user role that he use to have.
If I won’t delete it from the centrasite users as well as from the AD group. He will still be able to enter and change things.

If someone will tell me that it is not possible to manage the users from the AD then I would like to know if it is possible to create a JAXR class that will scheduled to run every night and check the users against the AD users.

Regards,
Liran

Please check the LDAP documentation here: http://techcommunity.softwareag.com/ecosystem/documentation/webmethods/wmsuites/wmsuite8-2_fcs/CentraSite/8-2_CentraSite/ag-authent/overview.htm

Daniel

Many thanks for your help it was very helpful. But if the user wasn’t erased from the AD but only change his role from one position in the company to a new position that restricted him by definition from doing things and getting access to several systems that he used to see. What will happens now that he will authenticate against the AD?
I think that it will let the user enter to the CS and won’t restrict him because he is a well know user that authenticate with the AD even if.
he was deleted from the old group in the AD.
liran

As long as the user is know to LDAP/AD and is also still a activated CS user he will be able to login. What you can do though is working with CS groups which are associated to external LDAP groups to mange permissions within CS according to external LDAP groups.

As a webMethods BPM suite customer who has installed and configured LDAP for My Web Methods Server and Integration Server, I find it frustrating that every product uses different terminology and configuration options to allow LDAP to be used for authorization and authentication.

Why can’t we use Central User Management from MWS as IS does?

Daryl

P.S. I will be working with the instructions referenced here soon and also need to work with my LDAP gurus to determine what exactly Software AG/webMethods Centrasite is asking for in CNs, DNs, etc.

Daryl,

please check also the LDAP Configuration Tool for CentraSite that we provide on Empower (https://empower.softwareag.com/sl24sec/SecuredServices/Products.nav5/Component_Downloads.lnk2/Default.htm#CentraSite). It will guide you through the ldap configuration steps.

Daniel

I was able to configure the authentication for SMH to use LDAP using the instructions noted in this thread. I am now trying to get into Centrasite and so far, no luck.

We are trying to use Centrasite FCS 8.2 and await GA sometime in April.

Daryl

Daniel, thanks for the information. I will use the tool and follow our GCS engagement configuration document.

Here is the error I am now receiving. It appears that this software may not be functioning within my environment. Is this the only way to configure LDAP for use with Centrasite?

Daryl

Trying to connect to LDAP at: ldap://mora.aset.psu.edu:389

===========================================================
check 1: LDAP Host >> PLEASE WAIT…

Exception in thread “main” java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoa
der.java:56)
Caused by: java.lang.UnsatisfiedLinkError: no sagssxuserdbimpl2 in java.library.
path
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1734)
at java.lang.Runtime.loadLibrary0(Runtime.java:823)
at java.lang.System.loadLibrary(System.java:1028)
at com.softwareag.security.ssx.SSXRepository.(SSXRepository.java
:92)
at com.softwareag.security.ssx.ldapvalidator.LdapConfiguration.checkBasi
cHostInfo(LdapConfiguration.java:226)
at com.softwareag.security.ssx.ldapvalidator.LdapValidator.inputAndCheck
Dialog(LdapValidator.java:745)
at com.softwareag.security.ssx.ldapvalidator.LdapValidator.execute(LdapV
alidator.java:805)
at com.softwareag.security.ssx.ldapvalidator.LdapValidator.main(LdapVali
dator.java:820)
… 5 more