
About this task

Defining an LDAP server to work with InfiniBox allows LDAP users (users that are listed on the LDAP server) to access InfiniBox. LDAP servers can be either automatically discovered by InfiniBox, or identified by the user.

Before you begin

Read the User Repositories section here: Overview of user management

Defining an Active Directory

InfiniBox dynamically discovers all AD domain controllers by issuing a DNS query to the provided AD domain. InfiniBox will then try to use the fastest responding domain controller for its AD queries.

  1. On the InfiniBox GUI, go to Settings, click the LDAP/AD tab and click the Define button.
  2. Select Active Directory as the repository type.
  3. Set the Repository Name - this is the name that will be displayed on the InfiniBox GUI. This name does not have to be the actual Active Directory name.
  4. Enter the Domain Name. This is the name of the AD domain.
  5. Select Auto discover servers.
  6. Select whether to Use SSL.
    1. Insert the Port number. The default port number if using SSL is 389.
  7. Enter the Bind username and Bind password. This is the username and password of the Active Directory administrator.
  8. If you need to limit InfiniBox access to specific repository users or groups, click on the three dot icon on the right of Schema definition



  9. If required, enter the following information:
    1. User Class
    2. Username Attribute
    3. Users Base DN
      This points to the LDAP folder that contains the user ids.
      The format is ou=Users,dc=fsubfolder1,dc=subfolder2.
      The Users folder can point to users, folders, other devices, or any other place where user credentials may be stored.
    4. Group Class
    5. Group Name Attribute
    6. Member of Attribute
    7. Group Base DN

  10. Click Define Server
    The server is defined.
  11. Proceed to Creating a user group

Defining an LDAP Server Repository

InfiniBox requires that the domains for the users and user groups be actively set.

  1. On the InfiniBox GUI, go to Settings, click the LDAP/AD tab and click the Define button.
  2. Select Open LDAP as the repository type.
  3. Set the Repository Name - this is the name that will be displayed on the InfiniBox GUI. This name does not have to be the actual LDAP name.
  4. Insert a Server name or IP address of the server and click Add
    You can enter more than one server.
  5. Disable LDAPS (SSL)
  6. Insert:
    1. Bind username 
    2. Bind password
  7. Click the three dot icon on the right of Schema definition



    The lower half of the window opens. The information that is displayed is the default information that can be used for an Active Directory server. Open LDAP servers require that the information entered conform to the individual servers.
  8. Enter the following information:
    1. User Class
    2. Username Attribute
    3. Users Base DN
      This points to the LDAP folder that contains the user ids.
      The format is ou=Users,dc=fsubfolder1,dc=subfolder2.
      The Users folder can point to users, folders, other devices, or any other place where user credentials may be stored.
    4. Group Class
    5. Group Name Attribute
    6. Member of Attribute
    7. Group Base DN
  9. Click Test to make sure that there is proper communication with the server.
    A message will be displayed telling you that the LDAP test completed successfully.



  10. Click Define Server
    The server will be added to the list of repositories.
  11. Proceed to Defining a user group

Defining a user group

  1. On the InfiniBox GUI, go to Settings, click the Users tab.
  2. Click on Create Group.
  3. Enter the following information:
    1. Name - you can use any name
    2. DN - the domain that the users belong to on the LDAP server. This is the location of the users on the server. InfiniBox appends the Users Base DN to the beginning of the group DN.
    3. LDAP - select an LDAP server from the list. Only defined LDAP servers are available.
    4. Role - an InfiniBox user role - this will determine the level of access and control that will be granted to the users that belong to this user group
    5. Pools - in case of a user group with a Pool Admin role, this attribute will determine to which pools the users can have Admin rights

Instructions for testing the user repository data connection

Testing the data connection allows you to see if the server configuration is correct. If there are any issues, it is easier to correct them during the definition process.

  1. From the LDAP tab, select an LDAP definition, click the Action button and select Modify Configuration.
    The Modify Active Directory Server screen opens. 
  2. Click Test.
    A success or failure message is displayed on the screen. 

This operation can also be performed before the server is defined.
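
A workstation-side pre-check for the schema definition fields, as an added example that is not InfiniBox or Infinidat code: it checks that the two Base DN fields parse in the ou=...,dc=... format shown above and builds an OpenLDAP ldapsearch command for one user lookup. It assumes the fields map onto a standard LDAP search (User Class as an objectClass filter, Username Attribute as the match, Users Base DN as the search base); the schema values, server name, bind account and function names are constructed for illustration.

```python
import shlex
# Constructed sample values (typical AD names, not InfiniBox defaults from the page).
SCHEMA = {"user_class": "user", "username_attr": "sAMAccountName",
          "memberof_attr": "memberOf", "users_base_dn": "ou=Users,dc=example,dc=com",
          "group_base_dn": "ou=Groups,dc=example,dc=com"}

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves in a search-filter value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def split_dn(dn):
    """Split a DN on unescaped commas into (attribute, value) pairs."""
    parts, cur, esc = [], "", False
    for c in dn:
        if c == "," and not esc:
            parts.append(cur)
            cur = ""
        else:
            cur += c
        esc = c == "\\" and not esc  # a backslash escapes only the next character
    rdns = []
    for part in parts + [cur]:
        attr, sep, val = (s.strip() for s in part.partition("="))
        if not (sep and attr and val):
            raise ValueError("malformed component %r in DN %r" % (part, dn))
        rdns.append((attr.lower(), val))
    return rdns

def schema_problems(schema):
    """List problems in the two Base DN fields (assumes the page's ou=...,dc=... form)."""
    problems = []
    for key in ("users_base_dn", "group_base_dn"):
        try:
            if not any(attr == "dc" for attr, _ in split_dn(schema[key])):
                problems.append("%s has no dc= component" % key)
        except ValueError as exc:
            problems.append("%s: %s" % (key, exc))
    return problems

def user_search(schema, server, bind_dn, username, use_ssl=True):
    """Build the ldapsearch argv that looks up one user with the schema fields."""
    flt = "(&(objectClass=%s)(%s=%s))" % (
        schema["user_class"], schema["username_attr"], escape_filter_value(username))
    uri = ("ldaps://" if use_ssl else "ldap://") + server
    return ["ldapsearch", "-x", "-H", uri, "-D", bind_dn, "-W", "-b",
            schema["users_base_dn"], "-s", "sub", flt, schema["memberof_attr"]]

if __name__ == "__main__":
    print(schema_problems(SCHEMA) or "Base DN fields are well-formed")
    print(shlex.join(user_search(SCHEMA, "dc1.example.com", "svc@example.com", "jdoe")))
```

The -W flag makes ldapsearch prompt for the bind password, so it never appears on the command line or in shell history.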
