NOTICE: Our Community is moving. Get more information.
How do I configure CaliberRM to use LDAP authentication?
Add users to the Framework administrator.
You must create CaliberRM users with valid userids in the
Framework Administrator, see ?Filter? below for more information on
what makes the userid "valid". Alternatively you can use
LDAP QuickStart Manager to import userids from your LDAP server to
CaliberRM. Please see the LDAP QuickStart Manager Guide for more
Configure the CaliberRM Server control panel applet
within the directory services tab.
BaseDN: This must be
the lowest level domain that includes all of the users that will be
logging into CaliberRM (the BaseDN data represents the
Distinguished name of the entry at which to start the search.)
qualified hostname of LDAP server.
Filter: This filter
will be used to find the user(s) on the LDAP server. The string
parameter ?%s? must be included in this field. This parameter will
be populated with the userid that you enter on the Login screen
when you try to login to CaliberRM with LDAP integration enabled.
Therefore the LDAP attribute that you assign this parameter equal
to (see above - default attribute is sAMAccountName) must be equal
to the userid that you have set up in the Framework
For example, if you have set up a userid in Framework
Administrator ?sthompson?, the sAMAccountName attribute on your
LDAP server for this user must be equal to ?sthompson?.
Port: If you want to
use encryption for LDAP communications the default port is 636.
Normally, if you turn on SSL, you need to change the port number as
well. By default the ldap_port is 389, but the ldap_ssl_port by
default is 636.
Authentication: When this check box is checked, the
current user (windows user who is running the CaliberRM Server
service) is used to authenticate against the LDAP server in order
to search for the user who is trying to login to Caliber. If you
want to specify a different user, uncheck the checkbox and enter a
valid distinguished name and password for a user who has permission
to search for other users on the LDAP server. This is valid for
CaliberRM 2005 R2 +. In order to configure NTLM or Basic
authentication for earlier versions of CaliberRM you will need to
amend the registry keys: windows,
bindDN, bindPW. Please see the
LDAP Integration guide specific to your version of CaliberRM for
You must recycle the CaliberRM server in order for these changes
to take place.
Launch the Caliber client and login with the userid you have set
up in Framework administrator and the user?s password (LDAP). It
does not matter what password (if any) you have assigned the user
in Framework administrator. Once LDAP integration is enabled you
must use this password to login.
The only user that can bypass the LDAP integration is the admin
user. You can still login with your CaliberRM admin user.