Skip to main content
Version Pentaho
Hitachi Vantara Lumada and Pentaho Documentation

Manual LDAP Configuration

  1. Last updated
  2. Save as PDF

You must have a working LDAP server with an established configuration before continuing. Follow the instructions below to manually switch from Pentaho default security to LDAP security.

  1. Stop the Pentaho Server.
  2. Edit the securities.properties file located in the  server/pentaho-server/pentaho-solutions/system folder and change provider=jackrabbit to provider=ldap. Save and close the file.
  3. Edit the server/pentaho-server/pentaho-solutions/system/applicationContext-security-ldap.properties file and modify the settings to match your LDAP configuration: 
    userSearch.searchBase=OU\=YourDomainCustomerCareUsers,DC\=YourDomainCustomerCare,DC\=com
allAuthoritiesSearch.roleAttribute=cn
allAuthoritiesSearch.searchBase=OU\=YourDomainCustomerCareGroups,DC\=YourDomainCustomerCare,DC\=com
userSearch.searchFilter=(sAMAccountName\={0})
allUsernamesSearch.searchFilter=objectClass\=Person
allAuthoritiesSearch.searchFilter= (objectClass\=group)
providerType=ldapCustomConfiguration
contextSource.userDn=youradminUser@YourDomaincustomercare.com
populator.rolePrefix=
allUsernamesSearch.searchBase=OU\=YourDomainCustomerCareUsers,DC\=YourDomainCustomerCare,DC\=com
adminUser=CN\=YourAdminUserDN,OU\=OrlandoFL,OU\=NAMER,OU\=Support,OU\=YourDomainCustomerCareUsers,DC\=YourDomainCustomerCare,DC\=com
adminRole=CN\=YourAdminRole,OU\=YourDomainCustomerCareGroups,DC\=YourDomainCustomerCare,DC\=com
populator.groupSearchBase=OU\=YourDomainCustomerCareGroups,DC\=YourDomainCustomerCare,DC\=com
populator.convertToUpperCase=false
populator.searchSubtree=false
allUsernamesSearch.usernameAttribute=sAMAccountName
populator.groupRoleAttribute=cn
contextSource.providerUrl=ldap\://10.100.7.17\:389
contextSource.password=********
populator.groupSearchFilter=(member\={0})
  4. Save and close the file.
  5. Edit the server/pentaho-server/pentaho-solutions/system/repository.spring.properties file and replace “admin” in the following line, singleTenanatAdminUserName=admin with the value of the adminUser’s sAMAccountName as defined in the applicationContext-security-ldap.properties file. When complete, save and close the file.
  6. Delete the following directory: server/pentaho-server/pentaho-solutions/system/jackrabbit/repository   

Do not delete the repository.xml file, which is also located in the following directory: server/pentaho-server/pentaho-solutions/system/jackrabbit

  1. Delete the server/pentaho-server/pentaho-solutions/system/karaf/caches  folder.
  1. Restart the Pentaho Server and test the LDAP functionality.

The Pentaho Server is now configured to authenticate users against your directory server. The LDAP Properties reference article contains supplemental information for LDAP values.