How to implement multiple active directory and/or LDAP domains on a single management server directly.

Document ID : KB000014106
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

In this brief document we will go over how to configure direct ldap authentication coupled with multiple domains(applicable to both AD and LDAP) to auth against as well.

Question:

My company utilizes multiple domains within the same forest(or otherwise) to authenticate users when performing logins, how exactly are these to be configured within distributed.properties?

Environment:
Any version of release automation >=5.5 - 6.3, management server.
Answer:

1. You will need to open/edit the file:  %InstallDirectory%\webapps\datamanagement\WEB-INF\distributed.properties

2. For every domain set that you wish defined, each set will need to have a unique number appended to the configuration parameters, for example:

----snip----

 

use.active.directory.authentication=true                     # Only set this once in the file 

 

use.active.directory.domain.1=DomainA

use.active.directory.url.1=ldap://hostname.of.domainA.ADServer.com:389

 

 

 

use.active.directory.domain.2=DomainB

 

use.active.directory.url.2=ldap://hostname.of.domainB.ADServer.com:389

 

----snip----

 

Continue this chronological ordering of domains by number until all are added, also if you need to provide an account for binding to ldap for user account searches, the same method applies(eg; appending .<#> per which domain the bind account belongs to, for example:

 

use.active.directory.authentication=true                

use.active.directory.domain.1=DomainA

use.active.directory.url.1=ldap://hostname.of.domainA.ADServer.com:389

use.active.directory.user.username.1=joe@user.com

use.active.directory.user.password.1=joes_password!@

 

use.active.directory.domain.2=DomainB

use.active.directory.url.2=ldap://hostname.of.domainB.ADServer.com:389

use.active.directory.user.username.2=joe@user.com

use.active.directory.user.password.2=joes_password!@