Enabling LDAP Support
By default, Greenplum Chorus 2.4 manages users through the database. Greenplum Chorus uses the LDAPv3 server, including Active Directory support, to manage and authenticate users. For more information about the LDAP server, see http://www.ietf.org/rfc/rfc2251.txt.
Enabling LDAP provides the following benefits:
• Adding users to Greenplum Chorus: Once a user is added into Chorus, Chorus maintains a read-only copy of common user information, such as the user’s name
and department.
• Authenticating users with LDAP.
Configuring LDAP
1. Try connecting to your AD or LDAP installation with a separate LDAP exploration tool to ensure that all configuration properties are correct prior to attempting to configure these in Chorus.
2. Edit the <installation directory>/shared/chorus.properties file to configure LDAP in Chorus.
3. Change the default entries for the following properties, if desired:
ldap.host= 10.32.88.212
ldap.enable= true
ldap.port= 389
ldap.base= DC=greenplum,DC=com
ldap.dn_template= greenplum\{0}
ldap.attribute.uid= sAMAccountName
ldap.attribute.ou= department
ldap.attribute.gn= givenName
ldap.attribute.sn= sn
ldap.attribute.mail= mail
ldap.attribute.title= title
4. Restart the server to complete certificate configuration.
The following table contains a list and description of properties related to LDAP:
LDAP configuration parameters
LDAP Parameters Description