Camunda with Springboot and Active Directory

subbu · May 4, 2017, 6:02am

Hi,
I am using camunda with spring boot , Wanted to configure active directory as Identify provider. Can I get any lead on this?

Regards,
Subbu

mppfor_manu · May 5, 2017, 4:48pm

I can’t provide exact instructions, but I would have a look at the LDAP identity configuration of your application server for clues. In our environment our Active Directory servers also provide LDAP support and yours might do the same.

subbu · May 9, 2017, 9:30am

Hi @mppfor_manu,
Thank you very much for the reply. I am trying to connect to AD using the configuration class based on Webapp login via LDAP not working . Will test and will update.

Regards,
Subbu

tim · January 2, 2018, 10:30pm

I had a bit of trouble getting it working with Active Directory, but the key was to use an email address rather than a CN or DN for the mangerDn. Makes me think managerDn is misnamed, but it works. Here is an obsfucated copy of my config. This is similar to the Active Directory config I found elsewhere. I hope this helps.

<bean id="ldapIdentityProviderPlugin" class="org.camunda.bpm.identity.impl.ldap.plugin.LdapIdentityProviderPlugin">
          <property name="serverUrl" value="ldap://ldapdchq.best.example.com:389/" />
          <property name="managerDn" value="adminuser@best.example.com" />
          <property name="managerPassword" value="didDinosaursUsePasswords?" />

          <property name="baseDn" value="DC=best,DC=example,DC=com" />
          <property name="userSearchBase" value="OU=Users,OU=Accounts" />
          <property name="userSearchFilter" value="(objectclass=person)" />

          <property name="userIdAttribute" value="sAMAccountName" />
          <property name="userFirstnameAttribute" value="givenName" />
          <property name="userLastnameAttribute" value="sn" />
          <property name="userEmailAttribute" value="mail" />
          <property name="userPasswordAttribute" value="userPassword" />

          <property name="groupSearchBase" value="OU=SecurityGroups" />
          <property name="groupSearchFilter" value="(objectclass=group)" />
          <property name="groupIdAttribute" value="cn" />
          <property name="groupNameAttribute" value="sAMAccountName" />
          <property name="groupMemberAttribute" value="member" />

          <property name="sortControlSupported" value="false" />
  </bean>

system · January 30, 2024, 10:51am