Component | Description |
ldap:// | For the scheme, use either ldap:// or ldaps:// |
admin_user | The name of a user with sufficient rights in Active Directory to perform a search in the domain specified by searchBase. The password for this user password must be stored in the Terracotta keychain used by the Terracotta server, using as key the root of the LDAP URI, ldap://admin_user@server_name:server_port , with no trailing slash ("/"). |
server_address: server_port | The IP address or resolvable fully qualified domain name of the server, and the port for Active Directory. |
searchBase | Specifies the Active Directory domain to be searched. For example, if the Active Directory domain is reggae.jamaica.org, then the format is searchBase=dc=reggae,dc=jamaica,dc=org |
groupBindings | Specifies the mappings between Active Directory groups and Terracotta roles. For example, groupBindings=Domain%20Admins=admin,Users=terracotta maps the Active Directory groups "Domain Admins" and "Users" to the "admin" and "terracotta" Terracotta roles, respectively. To be mapped, the named Active Directory groups must be part of the domain specified in searchBase; all other groups (including those with the specified names) in other domains are ignored. |