Datapower Active Directory RBM Authentication

Below is a good resource on setting up Active Directory login for a Datapower appliance:

http://asimsaddal.sys-con.com/node/1103557/mobile

Below is my version of the Active Directory setup for Datapower, and it works:

Step 1: Navigate to Administration -> RBM Settings

Step 2: Make sure your Main page looks like the following:

Step 3: Navigate to the Authentication Tab

Specify your Active Directory Server Host, Port Number (default 389) and LDAP version, and enable Search LDAP for DN.

Your Bind DN will look something like:

CN=,OU=Application Specific Resources,OU=Enterprise Configuration & Resources,DC=,DC=,DC=

Note: Set Local Login as Fallback so that you can still log in to the appliance when LDAP fails.

Your LDAP Search Parameter will look as follows:

Your LDAP Base DN will look something like:

OU=User Accounts,DC=,DC=,DC=

Step 4: Navigate to the Credentials Tab and select Mapping Credentials Method -> xmlfile

Disable: Search LDAP for Group Name

Create a new RBM Policy URL by clicking on the +. Step through the wizard until you get to Access Profile Mapping.

Your Credential Name will look something like: OU=User,OU=Business Unit,OU=User Account,DC=,DC=,DC=
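
A pre-flight check for the Step 3 values, added here as an example and not part of the original post: it flags DC= components left blank, DNs that do not end in the domain's DC suffix, and LDAP on port 389 without TLS, where a simple bind sends the Bind DN password in cleartext. The settings dictionary and its keys, the `svc-dp` account and the `corp.example.com` domain are assumptions made for the example.

```python
import re

def split_dn(dn):
    """Split a DN into (ATTR, value) pairs; a comma escaped as '\\,' stays in the value."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed RDN {rdn!r}")
        pairs.append((attr.strip().upper(), value.strip()))
    return pairs

def domain_to_dn(domain):
    """AD DNS domain -> DC suffix: corp.example.com -> DC=corp,DC=example,DC=com."""
    return ",".join(f"DC={label}" for label in domain.strip(".").split("."))

def check_rbm_ldap(settings, domain):
    """Return a list of problems in the LDAP values typed into the Authentication tab."""
    problems = []
    suffix = split_dn(domain_to_dn(domain))
    for key in ("bind_dn", "base_dn"):          # hypothetical key names
        try:
            pairs = split_dn(settings[key])
        except ValueError as exc:
            problems.append(f"{key}: {exc}")
            continue
        empty = [attr for attr, value in pairs if not value]
        tail = [(a, v.lower()) for a, v in pairs[-len(suffix):]]
        if empty:
            problems.append(f"{key}: empty value for {', '.join(empty)}")
        elif tail != [(a, v.lower()) for a, v in suffix]:
            problems.append(f"{key}: does not end in {domain_to_dn(domain)}")
    if settings["port"] == 389 and not settings.get("tls"):
        problems.append("port 389 without TLS: bind password is sent in cleartext")
    return problems

# Constructed sample settings. TEMPLATE keeps the blank DC= parts of the template DNs.
TEMPLATE = {"bind_dn": "CN=svc-dp,OU=Application Specific Resources,DC=,DC=,DC=",
            "base_dn": "OU=User Accounts,DC=,DC=,DC=", "port": 389, "tls": False}
FILLED = {"bind_dn": "CN=svc-dp,OU=Application Specific Resources,"
                     "DC=corp,DC=example,DC=com",
          "base_dn": "OU=User Accounts,DC=corp,DC=example,DC=com",
          "port": 636, "tls": True}

if __name__ == "__main__":
    for name, cfg in (("template", TEMPLATE), ("filled", FILLED)):
        print(name, check_rbm_ldap(cfg, "corp.example.com") or "ok")
```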


3 Comments on “Datapower Active Directory RBM Authentication”

  1. I tried this, didn’t work. My domain was ‘munnster.com’ and not sure if we leave the rest dc=dc=dc=? What would a properly formatted base DN look like? Not spelled out ANYWHERE on the internet!

  2. I am trying to configure my XI150 Datapower.
    Requirement: I want to use LDAP for authorizing a particular resource, “the back end URL – mobile.wsdl”.

    I am extracting “username” from an SSL certificate subject name, and using an AAA info file to map the username to a “resource”.
    How do I make DP submit the above two values, “username” and “resource”, to an LDAP server, and authorize if both attributes are matched? I don’t want RBM; only authorization needs to be checked against LDAP.

    Can anyone guide me on how to do this?
