# Run this script from the command-line using the following command:
# config run simple-config-ldap.txt
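# Before using this script you need to set the variables below.
#
# What the script does, in order: bootstraps the database connection, creates
# the default configuration, creates one LDAP configuration, points the user
# directory and BASIC authentication at it, imports the result and promotes one
# user to administrator.
#
# NOTE(review): the line breaks in this file were restored from a collapsed
# copy. Stray spaces that had been wrapped into variable references and option
# names (for example inside "${CONFIG_TOOL_PASSWORD}") were removed, because a
# reference containing a space no longer names the variable set below.

# NOTE(review): DB_PASSWORD, CONFIG_TOOL_PASSWORD and LDAP_PASSWORD are stored
# here in plain text, and two of them are guessable variants of the product
# name. Treat every value that has been committed or shared as exposed: rotate
# it, keep the filled-in copy of this file out of version control, restrict its
# file permissions to the account that runs the config tool, and delete it once
# the configuration has been imported.
set DB_DRIVER = "tibcosoftwareinc.jdbc.oracle.OracleDriver"
set DB_URL = "jdbc:tibcosoftwareinc:oracle://localhost:1521;SID=XE"
#set DB_DRIVER = "tibcosoftwareinc.jdbc.sqlserver.SQLServerDriver"
#set DB_URL = "jdbc:tibcosoftwareinc:sqlserver://<server>:<port>;DatabaseName=<database name>"
set DB_USER = "spotfire"
set DB_PASSWORD = "spotfire123"
# The tool password is required again by import-config and promote-admin below,
# so it guards configuration changes and deserves a strong, unique value.
set CONFIG_TOOL_PASSWORD = "sp00tfire"

# Set the default domain which will be used when trying to authenticate users
# who don't specify a domain name
set DEFAULT_DOMAIN="bdpdomain"

# The admin user will be assumed to belong to the default domain (as configured above),
# unless the name includes the user's domain name, e.g. 'username@domain'
set ADMIN_USER = "spotfireadmin"

# See the help topic for create-ldap-config command
# for more information about these LDAP parameters.
# To view this help topic, run the following command:
# config help create-ldap-config
set LDAP_CONFIG_ID="ldap1"
set LDAP_SERVER_TYPE="Custom"
# NOTE(review): ldap:// on port 389 is an unencrypted channel and nothing on
# this page enables StartTLS, so the bind password below and every user password
# checked through the LDAP login would cross the network in clear text. Prefer
# an ldaps:// URL (conventionally port 636) with the directory's CA certificate
# trusted by the server.
set LDAP_SERVERS="ldap://bdp-1.bdpdomain.com:389"
set LDAP_CONTEXTS="DC=bdpdomain,DC=com"
# NOTE(review): this is the account the server binds with for searches; it
# should be a dedicated read-only service account rather than a directory
# administrator. Confirm what rights this DN actually holds.
set LDAP_USERNAME="UID=ipausers,CN=admin,DC=bdpdomain,DC=com"
set LDAP_PASSWORD="hdp-mservice"

# To enable group synchronization:
# 1. Uncomment the lines where the LDAP_GROUP_SYNC_NAMES and LDAP_GROUP_SYNC_SCHEDULE variables are set
# 2. Uncomment the lines where the config-ldap-group-sync is being called
#set LDAP_GROUP_SYNC_NAMES="<Account names or DNs of external groups to synchronize>"
#set LDAP_GROUP_SYNC_SCHEDULE="<Group synchronization cron schedule>"

echo Creating the database connection configuration
bootstrap --no-prompt --driver-class="${DB_DRIVER}" --database-url="${DB_URL}" \
  --username="${DB_USER}" --password="${DB_PASSWORD}" --tool-password="${CONFIG_TOOL_PASSWORD}"
echo

echo Creating the default configuration
create-default-config
echo

echo "Creating LDAP configuration '${LDAP_CONFIG_ID}'"
# Fix: the source ran --user-name-attribute="cn" and --username=... together
# with no space between them, which fuses two options into a single token.
# NOTE(review): the filter "uid=*" matches every entry that carries a uid
# attribute, presumably including service accounts; narrow it if only a subset
# of directory accounts should reach this server.
create-ldap-config --id="${LDAP_CONFIG_ID}" --type="${LDAP_SERVER_TYPE}" \
  --servers="${LDAP_SERVERS}" --context-names="${LDAP_CONTEXTS}" \
  --user-name-attribute="cn" --username="${LDAP_USERNAME}" \
  --password="${LDAP_PASSWORD}" --schedules="@minutely" \
  --user-search-filter="uid=*"
echo

# NOTE(review): group synchronization is left disabled. In the source the
# options below had no command name in front of them, and both variables they
# reference (LDAP_GROUP_SYNC_NAMES, LDAP_GROUP_SYNC_SCHEDULE) are commented out
# above, so the fragment could not run as written. Restore the command this
# fragment belonged to (the instructions above name config-ldap-group-sync) and
# set both variables before uncommenting.
#echo "Setting up group synchronization for LDAP configuration '${LDAP_CONFIG_ID}'"
#  --group-names="${LDAP_GROUP_SYNC_NAMES}" --schedules="${LDAP_GROUP_SYNC_SCHEDULE}"
#  --group-search-filter="cn" --group-name-attribute="ipausergroup"
#  --supports-member-of=false --member-attribute="cn=admin"
#echo

echo "Setting up the User Directory for LDAP using LDAP configuration '${LDAP_CONFIG_ID}'"
config-ldap-userdir --ldap-configs="${LDAP_CONFIG_ID}"
config-userdir --mode="ldap" --domain-name-style="dns"
echo

echo "Setting up BASIC Authentication for LDAP using LDAP configuration '${LDAP_CONFIG_ID}'"
# NOTE(review): BASIC authentication sends the user's password with each
# request, only base64-encoded, so the server must be reachable over HTTPS only.
config-basic-ldap-auth --ldap-configs="${LDAP_CONFIG_ID}"
config-auth --auth-method="BASIC" --jaas-ldap --default-domain="${DEFAULT_DOMAIN}"
echo

echo Importing the configuration
import-config --tool-password="${CONFIG_TOOL_PASSWORD}" \
  --comment="First config using LDAP for authentication and user directory"
echo

# The promoted account comes from the directory configured above; check that
# ADMIN_USER names the intended person before running, since this grants
# administrator rights.
echo Promoting the user '${ADMIN_USER}' to administrator
promote-admin --tool-password="${CONFIG_TOOL_PASSWORD}" --username="${ADMIN_USER}"
echo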