dcm4chee-arc-light 5.5.1 - ldap authentication with active directory?


Docjay

Jul 12, 2016, 10:58:07 PM
to dcm4che
Gunter,

   Just wondering if it's possible to set up wildfly10/dcm4chee-arc-5 with Active Directory authentication instead of OpenLDAP/apacheDS/OpenDJ?

Thanks

Jamie

gunterze

Jul 13, 2016, 4:34:48 AM
to dcm4che
OpenLDAP/apacheDS/OpenDJ are used as Configuration Backend, not for authentication. When using the secured version, you may configure Keycloak using its Admin Console ( http://localhost:8080/auth/admin ) / User Federation / Add Provider LDAP to store user/password/roles into any LDAP server - which may be the same as used for the configuration, or a different one, in particular Active Directory.

If Active Directory is really LDAPv3 compliant, it should also be possible to use it as Configuration Backend. You just have to find out how to configure additional schemas in Active Directory. Schema definitions for the Configuration data in RFC-4512 format (also known as Open LDAP format) are provided in the binary distribution package in folder dcm4chee-arc-VERSION-DB/ldap/schema/ or you may directly get them from GitHub:
https://github.com/dcm4che/dcm4che/tree/dcm4chee-arc-light/dcm4che-conf/dcm4che-conf-ldap-schema/src/main/resources/ldap/schema
https://github.com/dcm4che/dcm4chee-arc-light/tree/master/dcm4chee-arc-assembly/src/main/resources/ldap/schema

Docjay

Jul 13, 2016, 9:45:11 AM
to dcm4che
Gunter,

   Thanks for the explanation.  I'll just use apacheDS to start with (first time setting it up) for the configuration backend.  I would like to use our site's LDAP Active Directory for authentication though.  We just use simple security here, so there is no need for TLS.

Docjay

Jul 14, 2016, 3:58:41 PM
to dcm...@googlegroups.com
Gunter,

   I'm working on installing v5.5.1 and I'm on the LDAP portion using ApacheDS.  I'm down to 'Import default config into LDAP server'.  I've created a new connection there, but it won't open the connection because there is no 'admin' user.  Also, it's still on port '10389' instead of '389'.

Did I miss something when I imported the 'ldif' files from earlier?  Should one of those have created the user for me?

thanks

Jamie

gunterze

Jul 15, 2016, 2:44:20 AM
to dcm4che
The configuration parameters in the Browser - and also in wildfly/standalone/configuration/dcm4che/ldap.properties used by the archive to connect to the LDAP server - must match the configuration of the LDAP server, which was by default for Apache DS 2.0.0-M20 (this may have changed for more recent versions):


Network Parameter:
    Hostname: localhost
    Port:     10389
Authentication Parameter:
    Bind DN or user: uid=admin,ou=system
    Bind password:   secret

gunter
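
An added example, not part of the thread and not dcm4che code: a small Python check that the connection settings in ldap.properties match the LDAP server's listener and are not still the Apache DS defaults quoted in the reply above. It assumes the file uses the standard JNDI property names (java.naming.provider.url, java.naming.security.principal, java.naming.security.credentials); the sample file and its base DN are constructed.

```python
from urllib.parse import urlparse

# Apache DS 2.0.0-M20 defaults as quoted in the reply above.
APACHEDS_DEFAULT_DN = "uid=admin,ou=system"
APACHEDS_DEFAULT_PW = "secret"

def parse_properties(text):
    """Parse simple key=value lines of a Java .properties file (no line continuations)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")  # split on the first '=' only
        if sep:
            props[key.strip()] = value.strip()
    return props

def audit(text, server_host, server_port):
    """Return findings for an ldap.properties text checked against the server's listener."""
    props = parse_properties(text)
    # Assumption: the file uses the standard JNDI property names.
    url = urlparse(props.get("java.naming.provider.url", ""))
    findings = []
    if (url.hostname, url.port) != (server_host, server_port):
        findings.append(f"mismatch: client uses {url.hostname}:{url.port}, "
                        f"server listens on {server_host}:{server_port}")
    if url.scheme != "ldaps":
        findings.append("plaintext: simple bind over ldap:// sends the password unencrypted")
    dn = props.get("java.naming.security.principal", "")
    pw = props.get("java.naming.security.credentials", "")
    if dn.lower() == APACHEDS_DEFAULT_DN and pw == APACHEDS_DEFAULT_PW:
        findings.append("default-credentials: Apache DS admin still uses the shipped password")
    return findings

# Constructed sample file (not taken from a real installation).
SAMPLE = """\
# constructed example
java.naming.provider.url=ldap://localhost:389/dc=example,dc=org
java.naming.security.principal=uid=admin,ou=system
java.naming.security.credentials=secret
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, "localhost", 10389):
        print(finding)
```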