Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE

How do I configure CaliberRM to use LDAP authentication?

How do I configure CaliberRM to use LDAP authentication?


How do I configure CaliberRM to use LDAP authentication?


  • Product Name: CaliberRM
  • Product Version: N/A
  • Product Component: LDAP integration
  • Platform/OS Version: All

Add users to the Framework administrator.

You must create CaliberRM users with valid userids in the Framework Administrator, see ?Filter? below for more information on what makes the userid "valid". Alternatively you can use LDAP QuickStart Manager to import userids from your LDAP server to CaliberRM. Please see the LDAP QuickStart Manager Guide for more information.

Configure the CaliberRM Server control panel applet within the directory services tab.

BaseDN: This must be the lowest level domain that includes all of the users that will be logging into CaliberRM (the BaseDN data represents the Distinguished name of the entry at which to start the search.)

Host: Fully qualified hostname of LDAP server.

Filter: This filter will be used to find the user(s) on the LDAP server. The string parameter ?%s? must be included in this field. This parameter will be populated with the userid that you enter on the Login screen when you try to login to CaliberRM with LDAP integration enabled. Therefore the LDAP attribute that you assign this parameter equal to (see above - default attribute is sAMAccountName) must be equal to the userid that you have set up in the Framework Administrator.

For example, if you have set up a userid in Framework Administrator ?sthompson?, the sAMAccountName attribute on your LDAP server for this user must be equal to ?sthompson?.

Port: If you want to use encryption for LDAP communications the default port is 636. Normally, if you turn on SSL, you need to change the port number as well. By default the ldap_port is 389, but the ldap_ssl_port by default is 636.

Windows Authentication: When this check box is checked, the current user (windows user who is running the CaliberRM Server service) is used to authenticate against the LDAP server in order to search for the user who is trying to login to Caliber. If you want to specify a different user, uncheck the checkbox and enter a valid distinguished name and password for a user who has permission to search for other users on the LDAP server. This is valid for CaliberRM 2005 R2 +. In order to configure NTLM or Basic authentication for earlier versions of CaliberRM you will need to amend the registry keys: windows, bindDN, bindPW. Please see the LDAP Integration guide specific to your version of CaliberRM for more information.

You must recycle the CaliberRM server in order for these changes to take place.

Launch the Caliber client and login with the userid you have set up in Framework administrator and the user?s password (LDAP). It does not matter what password (if any) you have assigned the user in Framework administrator. Once LDAP integration is enabled you must use this password to login.

The only user that can bypass the LDAP integration is the admin user. You can still login with your CaliberRM admin user.

Related documents:

Old KB# 15894


Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Version history
Revision #:
1 of 1
Last update:
‎2013-02-15 18:27
Updated by:
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.