Authenticate TeamSite 6.7/Solaris 10 on Active Directory

Hello,

I am currently working with a TeamSite 6.7 on Solaris 10 test installation an planning our future TeamSite upgrade.

Is it possible to authenticate TeamSite users to Active Directory directly using the [authentication] ldap settings in iw.cfg?

I don't want to put TeamSite roles in AD, I only want user authentication.

Here are my settings:

# grep ldap iw.cfg
authenticate_by=ldap
ldap_server=caefr3k11.efr.rdigest.com
ldap_port=389
ldap_dnbase=(OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com)
ldap_account=cn=fbousqu,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com
ldap_pwd=password
#ldap_roles=TeamSiteRoles
ldap_key=SAMAccountName
#ldap_ssl_port=636
#ldap_cafile=/usr/iw-home/tools/db/netscape/cert7.db
#

I was trying to test this configuration with the iwldapuserscache command, but it is not working. However the error is not clear to me, maybe you can explain me more what ldap_server key is?

# iwldapuserscache
ERROR: ldap_server key not specified in iw.cfg
Error retrieving user information from ldap
#

Another test, I did, is using the iwldapsearch command to list content, however this one is successful:

# iwldapsearch -b "OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com" -h caefr3k11.efr.rdigest.com -D "cn=fbousqu,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com" -w password -v -A "(SAMAccountName=*)" SAMAccountName

CN=fbousqu,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com
sAMAccountName

CN=pantoni,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com
sAMAccountName

CN=jlavign,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com
sAMAccountName

[...]

CN=bgagnon,OU=Users,OU=EFR,OU=CA,OU=AM,DC=efr,DC=rdigest,DC=com
sAMAccountName

#

- Francois

Find more posts tagged with

Comments

smenon

You will not be able to authenticate directly against AD using the LDAP authentication mode if the TeamSite server is on Solaris.. There are some customers that have used a third-party PAM module by Vintella, but this is something that has not been tested or certified by Interwoven.. Also, while this has worked for some customers, more recently, we did see one of the customers run into some problem with the latest version of the Vintella module and TeamSite..

DavidMusser

Is this the same for Linux and 6.7.1? We would want to use a windows domain for our users if possible.

fbousqu

It looks like TeamSite 6.7.1 with SP1 with provide that kind of functionality with non-OS user.