Configuring Authentication Using an OpenLDAP Provider

This section provides an example of how to connect WebLogic to an OpenLDAP server. The specifics of your OpenLDAP directory may differ from the example given, so consult with your LDAP administrator to find the correct values, and refer to the WebLogic documentation for specifics on each option.

1. Login to the WebLogic Administration Console.

2. In the Domain Structure pane, click on Security Realms.

3. Click the default security realm (typically called myrealm).

4. Click the Providers tab and press the New button.

5. Provide a name for the provider (for example, "nms-provider"), and select OpenLDAPAuthenticator as the type.

6. Click the name of the newly created provider.

7. Under the Configuration tab, select the Common tab, and set Control Flag to Optional.

8. Click Save.

9. Under the Configuration tab, select the Provider Specific tab, and set desired values that match your LDAP Directory configuration.

Examples:

Connection

Host: server.example.com

Port: 389

Principal: cn=Manager,dc=example,dc=com

Credential: (the password used to connect to the account defined by Principal)

Users

User Base DN: ou=Users,dc=example,dc=com

User from Name Filter: (&(uid=%u)(objectclass=inetOrgPerson))

User Name Attribute: uid

User Object Class: inetOrgPerson

Groups

Group Base DN: ou=groups,dc=example,dc=com

Group From Name Filter: (&(cn=%g)(objectclass=groupOfNames))

10. Click Save.

11. In the Change Center, click Activate Changes.

12. Restart the AdminServer.

13. IMPORTANT: Verify that the users and groups from the LDAP server are configured by looking at the Users and Groups tab under the default security realm. If not, adjust the configuration.