Created On:  19 November 2012

Problem:

How do I configure Enterprise View to use Windows Logins?

Resolution:

With the Release of Hot Fix 5, for the 3.3 version of Enterprise View (EV), you now able to make use of Lightweight Directory Access Protocol  (LDAP) to perform authentication when users login into Enterprise View (EV).
To enable LDAP you must install the EV 3.3 Hot Fix 5 or later and then make the following modifications to the \[Apache Tomcat install dir]\webapps\EV\WEB-INF\conf\system.properties file.
The normal location for this file is:
C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\webapps\EV\WEB-INF\conf
The items that need to change are the newly added items at the end of the file and set as follows:
 
#set the value to true in order to activate LDAP authorization
LdapLoginEnabled = true
#this is used as a user string while checking on active directory. Leave username and change only the domain.
LdapNTDomain = username@.
#put DC=domain,DC=domain
LdapDomain = DC=,DC=
#your LDAP server (domain server)
LdapServer =
#port - in most cases should not be changed
LdapPort = 389
#put to true if normal EV users should be working when LdapLoginEnabled is enabled
LdapEnableEVUser = true|false
 
So for example, to enable Micro Focus users to login into EV, I set the items as follows:
 
#set the value to true in order to activate LDAP authorization
LdapLoginEnabled = true
#this is used as a user string while checking on active directory. Leave username and change only the domain.
LdapNTDomain = username@microfocus.com
#put DC=domain,DC=domain
LdapDomain = DC=microfocus,DC=com
#your LDAP server (domain server)
LdapServer = nwb-dc01.microfocus.com
#port - in most cases should not be changed
LdapPort = 389
#put to true if normal EV users should be working when LdapLoginEnabled is enabled
LdapEnableEVUser = true
 
This setup allows the previous EV users to login into the system, which means that the administrator user can still login into the system should configuration settings be need to be changed and windows users can login into the system.
By default, windows users are registered within EV when they login into the system and are assigned an email address as username@.. When they are registered, they are not assigned a default profile, so when they first login, they will not be able to see any charts.
It is possible to pre-configure the users, so they are assigned a profile. EV will still prompt for a password for windows users, but the system will not use that password as it taken from the LDAP server.
The user id that you login into EV now becomes your windows id without the domain prefix.

Note: This will also be supported in the 3.4 base product.
Incident #2587202