LDAP auth against MS Azure Active Directory?

paal_s

Hi,

Just wondering if anyone has tried enabling LDAP and authenticating users towards Microsoft Azure Active Directory Services?

 

In the RM Server file 'local-security.properties' it requires a URL, username and password, but from my Azure AD admin panel it isn't obvious to me that it will work.

 

Before I start digging deeper, has anyone tried integrating these services previously? Would love to hear your thoughts!

 

Best,

P.

Edin_Klapic

Hi @paal_s,

Unfortunately I cannot help with MS Azure but here is a "working" configuration for Windows Active Directory.

 

#
# Properties for using LDAP authentication with RapidMiner Server
#

# enable or disable LDAP authentication
ldap.enabled=true

# provider url
ldap.providerUrl=ldap://FIRST.DOMAIN.COM:3268 ldap://SECOND.DOMAIN.COM:3268

# user/pass to access ldap
ldap.user=CN=USER-ID,OU=Service Accounts,OU=Accounts,OU=Users,OU=ZZ PAM,DC=first,DC=domain,DC=com
ldap.password=PASSWORD

# search settings
ldap.search.base=

# example ldap.search.filter for OpenLDAP:
#   ldap.search.filter=(&(objectClass=inetOrgPerson)(uid={0}))
# example ldap.search.filter for Active Directory:
#   ldap.search.filter=(&(objectClass=user)(userPrincipalName={0}@active.directory.domain))
ldap.search.filter=(&(sAMAccountName={0}))

# group properties
# ldap.group.roleAttribute for OpenLDAP:
#   ldap.group.roleAttribute=cn
# ldap.group.roleAttribute for Active Directory:
#   ldap.search.filter=distinguishedName
ldap.group.roleAttribute=distinguishedName

# user properties
ldap.user.displayNameAttribute=displayName
ldap.user.emailAttribute=mail

# timeout in sec for cached authentications
# the cache is used to to relieve the authentication provider and
# to prevent multiple authentication requests from the same user in the defined timeframe
# change the value to 0 if the caching should be disabled and
# every request should be forwarded to the authentication provider
ldap.cache.timeout=60

Hope this helps somehow,

Edin