22.0 Connecting to an LDAP Directory for User Authentication

Novell Cloud Manager authenticates users through their LDAP directory accounts. To enable this authentication, you must define the connection to the LDAP directory server, specify the containers where the Novell Cloud Manager users and user group reside, provide the credentials required to search the containers, and then test the configuration.

Microsoft Active Directory and Novell eDirectory are the supported LDAP directories for Cloud Manager.

  1. In the Cloud Manager console, click Configuration, then click LDAP.

  2. Provide the LDAP server connection information:

    Host: Specify the FQDN (fully qualified domain name) or IP address of the host machine running the LDAP server. For example, ldap.mycompany.com or 123.45.67.8.

    Port: Specify the TCP port (on the host machine) where the LDAP server is listening for LDAP connections. The standard port for non-SSL connections is 389. The standard port for SSL connections is 636.

    Use SSL: If you have configured the Cloud Manager Server to support an SSL connection to the LDAP server, select this option to enable the secure connection. For information about supporting an SSL connection, see Connecting to the LDAP Directory in the Novell Cloud Manager 1.1 Installation Guide.

  3. Set the search base for the Cloud Manager users and user group:

    Search Base DN: Specify the base location where user searches begin. All portions of the LDAP tree located below the base DN are searched. For example, cn=Users,dc=MyCompany,dc=com.

    User Group: Specify the name of the LDAP user group used for Novell Cloud Manager users. A user must be a member of this group to authenticate to Novell Cloud Manager.

    Group Base DN: Specify the base location where the search for the Novell Cloud Manager user group begins. All portions of the LDAP tree located below the base DN are searched. For example, cn=Groups,dc=MyCompany,dc=com.

  4. Provide an LDAP account that has search rights to the user and group base DNs:

    DN: Specify an account that has rights to search the locations defined by the Search Base DN. For example, cn=Administrator,cn=Users,dc=MyCompany,dc=com.

    Password: Specify the password for the account.

    Password Confirm: Confirm the password for the account.

  5. Click Test LDAP Configuration to display the Test LDAP Configuration dialog box.

    User Name: Specify the user ID of a Cloud Manager user. This user must exist in the search base DN and be a member of the Cloud Manager user group. This is the user that Cloud Manager will attempt to authenticate to test the configuration settings.

    Password: Specify the user’s password.

  6. If the test is successful, click OK to save the configuration. Otherwise, check the configuration information and repeat the test.

    If the test fails, make sure of the following:

    • The Novell Cloud Manager user group exists and is located in the specified group base DN.

    • The search bind account has sufficient rights to the user search base and group search base.

    • The Cloud Manager user you entered to test the configuration exists in the user search base and is a member of the Cloud Manager user group.
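The three checks above can be reproduced outside the console with OpenLDAP's ldapsearch. The script below is an added example, not part of the Novell documentation. It assumes a hypothetical group name (CloudManagerUsers) and password file (bind.pw), an Active Directory style login attribute (sAMAccountName), and direct membership recorded in the group's member attribute.

```shell
#!/bin/sh
# Added example: pre-checks for the Test LDAP Configuration step, using OpenLDAP's ldapsearch.
# Values are the page's sample values or labelled placeholders; override them via the environment.
LDAP_URI="${LDAP_URI:-ldaps://ldap.mycompany.com:636}"             # Host, Port, Use SSL
BIND_DN="${BIND_DN:-cn=Administrator,cn=Users,dc=MyCompany,dc=com}"
BIND_PW_FILE="${BIND_PW_FILE:-./bind.pw}"      # hypothetical file (mode 0600, no trailing newline)
USER_BASE="${USER_BASE:-cn=Users,dc=MyCompany,dc=com}"            # Search Base DN
GROUP_BASE="${GROUP_BASE:-cn=Groups,dc=MyCompany,dc=com}"         # Group Base DN
GROUP_NAME="${GROUP_NAME:-CloudManagerUsers}"  # hypothetical User Group name
USER_ATTR="${USER_ATTR:-sAMAccountName}"       # assumption: AD login attribute; eDirectory often uses cn or uid

# Escape RFC 4515 filter metacharacters so a user ID or DN cannot change the filter.
ldap_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Print the first DN below base $1 that matches filter $2; non-zero if the search itself fails.
find_dn() {
  out=$(ldapsearch -x -LLL -o ldif-wrap=no -H "$LDAP_URI" -D "$BIND_DN" -y "$BIND_PW_FILE" \
        -b "$1" -s sub "$2" dn) || return 1
  printf '%s\n' "$out" | sed -n 's/^dn: //p' | head -n 1
}

# Walk the causes listed for a failed test.
# Return: 0 ok, 1 group missing, 2 user missing, 3 not a member, 4 search or bind failed.
check_user() {
  g_filter="(cn=$(ldap_escape "$GROUP_NAME"))"
  group_dn=$(find_dn "$GROUP_BASE" "$g_filter") ||
    { echo "FAIL: cannot search $GROUP_BASE as $BIND_DN"; return 4; }
  [ -n "$group_dn" ] || { echo "FAIL: group $GROUP_NAME not found below $GROUP_BASE"; return 1; }
  user_dn=$(find_dn "$USER_BASE" "($USER_ATTR=$(ldap_escape "$1"))") ||
    { echo "FAIL: cannot search $USER_BASE as $BIND_DN"; return 4; }
  [ -n "$user_dn" ] || { echo "FAIL: user $1 not found below $USER_BASE"; return 2; }
  # Assumption: direct membership in the group's 'member' attribute; nested groups are not resolved.
  hit=$(find_dn "$GROUP_BASE" "(&$g_filter(member=$(ldap_escape "$user_dn")))") || return 4
  [ -n "$hit" ] || { echo "FAIL: $user_dn is not a member of $group_dn"; return 3; }
  echo "OK: $user_dn is a member of $group_dn"
}

# Run only when a user ID is passed, for example: sh check_ldap.sh jdoe
if [ "$#" -gt 0 ]; then check_user "$1"; fi
```

The bind password is read from a file with -y so that it does not appear in the process list or shell history.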