Enabling LDAP Support

By default, Greenplum Chorus 2.4 manages users through the database. With LDAP enabled, Greenplum Chorus uses an LDAPv3 server, including Active Directory, to manage and authenticate users. For more information about LDAP, see http://www.ietf.org/rfc/rfc2251.txt.

Enabling LDAP provides the following benefits:

• Adding users to Greenplum Chorus: Once a user is added into Chorus, Chorus maintains a read-only copy of common user information, such as the user’s name and department.

• Authenticating users with LDAP.

Configuring LDAP

1. Connect to your AD or LDAP installation with a separate LDAP exploration tool to confirm that all configuration properties are correct before configuring them in Chorus.

2. Edit the <installation directory>/shared/chorus.properties file to configure LDAP in Chorus.

3. Change the default entries for the following properties, if desired:

ldap.host= 10.32.88.212

ldap.enable= true

ldap.port= 389

ldap.base= DC=greenplum,DC=com

ldap.dn_template= greenplum\{0}

ldap.attribute.uid= sAMAccountName

ldap.attribute.ou= department

ldap.attribute.gn= givenName

ldap.attribute.sn= sn

ldap.attribute.mail= mail

ldap.attribute.title= title

4. Restart the server to complete certificate configuration.
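As an added example (not part of the Chorus documentation or product code), the script below reads the ldap.* entries from step 3 and builds the ldapsearch command that performs the check in step 1 against the same values, escaping the user name so it cannot change the search filter. It assumes that {0} in ldap.dn_template stands for the login name, that property values are read literally, and that the OpenLDAP ldapsearch client is the exploration tool; the user jdoe is a constructed sample.

```python
import shlex

# Constructed sample: the step 3 entries as they would appear in chorus.properties.
SAMPLE = r"""
ldap.host= 10.32.88.212
ldap.enable= true
ldap.port= 389
ldap.base= DC=greenplum,DC=com
ldap.dn_template= greenplum\{0}
ldap.attribute.uid= sAMAccountName
ldap.attribute.ou= department
ldap.attribute.gn= givenName
ldap.attribute.sn= sn
ldap.attribute.mail= mail
ldap.attribute.title= title
"""
REQUIRED = ("ldap.host", "ldap.port", "ldap.base", "ldap.dn_template", "ldap.attribute.uid")

def parse_ldap_properties(text):
    """Return the ldap.* entries as a dict; values are taken literally (assumption)."""
    props = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip().startswith("ldap."):
            props[key.strip()] = value.strip()
    return props

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a user name cannot alter the filter."""
    for ch, esc in (("\\", r"\5c"), ("*", r"\2a"), ("(", r"\28"), (")", r"\29"), ("\0", r"\00")):
        value = value.replace(ch, esc)
    return value

def preflight_command(props, username):
    """Build the ldapsearch command that exercises the configured values for one user."""
    missing = [k for k in REQUIRED if not props.get(k)]
    if missing:
        raise ValueError("missing properties: " + ", ".join(missing))
    port = int(props["ldap.port"])  # raises ValueError if the port is not numeric
    bind_dn = props["ldap.dn_template"].replace("{0}", username)  # assumed placeholder
    attrs = [v for k, v in sorted(props.items()) if k.startswith("ldap.attribute.")]
    flt = "(%s=%s)" % (props["ldap.attribute.uid"], escape_filter_value(username))
    argv = ["ldapsearch", "-x", "-H", "ldap://%s:%d" % (props["ldap.host"], port),
            "-D", bind_dn, "-W", "-b", props["ldap.base"], flt] + attrs
    return " ".join(shlex.quote(a) for a in argv)

if __name__ == "__main__":
    print(preflight_command(parse_ldap_properties(SAMPLE), "jdoe"))
```

If the printed command binds and returns the user's entry with the listed attributes, the host, port, base, DN template and attribute names are consistent with the directory.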

The following table contains a list and description of properties related to LDAP:

LDAP configuration parameters

LDAP Parameters                                      Description