Monday, November 30, 2015

Active Directory user store configuration for retrieving LDAP users with their roles and role lists in WSO2 servers

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Read-only WSO2 user store definition that points at an Active Directory domain.
  Users are looked up under UserSearchBase and matched on sAMAccountName. Both the
  manager class and the ReadOnly property declare the store read-only.
-->
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
  <!-- Account the server binds with. Use a dedicated service account that has only
       read access to the search bases below, not an administrative account. -->
  <Property name="ConnectionName">user_wso2ldap</Property>
  <!-- NOTE(review): ldap:// on port 389 is not encrypted unless StartTLS is negotiated,
       so the bind password and any credentials checked against the directory would
       cross the network in clear text. Prefer ldaps:// (conventionally port 636) with
       the directory's CA certificate imported into the server's trust store. -->
  <Property name="ConnectionURL">ldap://youdomain.com:389</Property>
  <!-- The value is masked in this listing. encrypted="true" marks it as stored
       ciphertext; keep the real value out of version control and published copies. -->
  <Property encrypted="true" name="ConnectionPassword">######</Property>
  <!-- Subtree that user searches start from; adjust the CN/DC parts to the target domain. -->
  <Property name="UserSearchBase">CN=Users,DC=rm,DC=gr,DC=testypf,DC=com</Property>
  <!-- Filter used when listing users. -->
  <Property name="UserNameListFilter">(objectClass=organizationalPerson)</Property>
  <Property name="UserNameAttribute">sAMAccountName</Property>
  <!-- "?" is the placeholder for the user name being searched. That name comes from
       the login request, so it is untrusted input to this LDAP filter. -->
  <Property name="UserNameSearchFilter">(&amp;(objectClass=organizationalPerson)(sAMAccountName=?))</Property>
  <Property name="ReadOnly">true</Property>
  <!-- Upper bounds on the number of entries returned by user and role listings. -->
  <Property name="MaxUserNameListLength">100</Property>
  <Property name="MaxRoleNameListLength">100</Property>
  <!-- NOTE(review): with role caching on, a group or role change made in the directory
       may not take effect until the cached entry expires. Confirm the cache lifetime
       is acceptable for access revocation. -->
  <Property name="UserRolesCacheEnabled">true</Property>
  <Property name="SCIMEnabled">false</Property>
  <Property name="DisplayNameAttribute">sAMAccountName</Property>
  <Property name="Disabled">false</Property>
  <!-- NOTE(review): ReadGroups is false, so the group properties below are presumably
       not consulted and directory groups would not be surfaced as roles. If it is
       switched on, review them first: groupOfNames and ou=system are not typical for
       Active Directory, where groups normally have objectClass=group. -->
  <Property name="ReadGroups">false</Property>
  <Property name="GroupSearchBase">ou=system</Property>
  <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
  <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
  <Property name="GroupNameAttribute">cn</Property>
  <Property name="MembershipAttribute">member</Property>
  <Property name="MemberOfAttribute">memberOf</Property>
  <Property name="MultiAttributeSeparator">,</Property>
  <!-- NOTE(review): PLAIN_TEXT presumably means the server does not hash the password
       itself and presents it to the directory as supplied. That makes transport
       encryption on ConnectionURL the only protection in transit. -->
  <Property name="PasswordHashMethod">PLAIN_TEXT</Property>
  <!-- Appears to control escaping of special characters in the login name before it
       is used in the search filter. Keep it enabled to limit LDAP filter injection;
       verify the exact behaviour against the product documentation. -->
  <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
  <Property name="ConnectionPoolingEnabled">false</Property>
  <!-- Left empty in this configuration. -->
  <Property name="UserDNPattern"/>
  <!-- Domain name assigned to this user store. -->
  <Property name="DomainName">TEST</Property>
  <Property name="Description"/>
</UserStoreManager>
NOTE: Depending on the user store structure, the CN, DC, and other values may differ.
