Configuring the connection for basic LDAP integration - SSO

JNDI configuration

Create a new service for the JNDI connection using Ubisecure Server Management.

  1. In Ubisecure Server Management, select Home → Services → New Service…
  2. The Create Directory Service Configuration window opens.

    • Enter a title for the service (for example: "Basic LDAP").

    • Select "Generic" from the Select pre-defined drop-down menu.

    • After this selection, the Directory Factory and Directory Schema (LDAP) fields are filled in automatically.

    • You may add a description in the Description field.

    • Continue by pressing OK.

    Figure 1. Create Directory Service Configuration – Basic LDAP
  3. The Service Configuration view for the newly created configuration opens.

    • Now that the service object exists, fill in the connection information in this view.

    • Enter the address of the LDAP service provider in the Service URL field.

    • Enter the username used to connect to the external directory in the Username field.

    • Enter that user's password in the Credentials field.

    • Click Update to store the changes.

    Figure 2. Service Configuration – Basic LDAP
Listing 1. Example JNDI Configuration
java.naming.factory.initial = com.ubisecure.util.ldap.jldap.JLDAP
java.naming.provider.url = ldaps://pdc.example.com/dc=example,dc=com
java.naming.security.authentication = simple
java.naming.security.principal = cn=UbiUser,dc=example,dc=com
java.naming.security.credentials = secret
java.naming.security.protocol = ssl


Ubisecure Server will load these JNDI settings for external directory bind during the next startup.

Setting / Description

java.naming.factory.initial
    The initial context factory class.

java.naming.provider.url
    URL of the LDAP service provider.

java.naming.security.authentication
    The authentication mechanism for the directory connection. If unspecified, the value defaults to "none". Other available values are "simple" or the name of a SASL mechanism (RFC 2222). The "simple" mechanism authenticates the user by sending the username together with a plain-text password, so it should only be used over an SSL-protected connection.

java.naming.security.principal
    The principal (username) used to connect to the external directory.

java.naming.security.credentials
    The password associated with the principal.

java.naming.security.protocol
    The protocol used for the connection.
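The following is an added example, not Ubisecure code: a small Python checker that parses a JNDI property listing in the format of Listing 1 and reports whether the configured bind would send the password in clear text, i.e. "simple" authentication over a plain ldap:// URL without java.naming.security.protocol = ssl. The two sample configurations are constructed for the example; the "weak" one differs from Listing 1 only in using ldap:// and omitting the protocol setting.

```python
"""Check a JNDI LDAP property listing for an unprotected simple bind.

Added example (not part of the Ubisecure documentation or product).
Parses Java-style `key = value` lines such as Listing 1 and applies the
rule from the settings table: a "simple" bind carries a plain-text
password, so it needs ldaps:// or java.naming.security.protocol = ssl.
"""
from urllib.parse import urlsplit

# Constructed sample: the configuration from Listing 1 (ldaps + ssl).
SECURE_CONFIG = """\
java.naming.factory.initial = com.ubisecure.util.ldap.jldap.JLDAP
java.naming.provider.url = ldaps://pdc.example.com/dc=example,dc=com
java.naming.security.authentication = simple
java.naming.security.principal = cn=UbiUser,dc=example,dc=com
java.naming.security.credentials = secret
java.naming.security.protocol = ssl
"""

# Constructed sample: same bind, but over plain ldap:// with no ssl setting.
WEAK_CONFIG = """\
java.naming.factory.initial = com.ubisecure.util.ldap.jldap.JLDAP
java.naming.provider.url = ldap://pdc.example.com/dc=example,dc=com
java.naming.security.authentication = simple
java.naming.security.principal = cn=UbiUser,dc=example,dc=com
java.naming.security.credentials = secret
"""


def parse_properties(text):
    """Parse `key = value` / `key: value` lines; '#' and '!' start comments.

    Simplified java.util.Properties rules: the separator is the first '='
    or ':' on the line, so values may themselves contain '=' (as DNs do).
    """
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        positions = [line.find(c) for c in "=:" if c in line]
        if positions:
            idx = min(positions)
            key, value = line[:idx], line[idx + 1:]
        else:
            key, value = line, ""
        props[key.strip()] = value.strip()
    return props


def check_bind_security(props):
    """Return a list of findings for the bind settings; empty means none."""
    findings = []
    url = props.get("java.naming.provider.url", "")
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        findings.append(f"provider URL has unexpected scheme {parts.scheme!r}")

    # Default per the settings table: no authentication means anonymous bind.
    auth = props.get("java.naming.security.authentication", "none")
    protocol = props.get("java.naming.security.protocol", "")
    encrypted = parts.scheme == "ldaps" or protocol == "ssl"

    if auth == "simple":
        if not encrypted:
            findings.append(
                "simple bind over unencrypted ldap:// sends the password in "
                "clear text; use ldaps:// or java.naming.security.protocol = ssl"
            )
        if not props.get("java.naming.security.principal"):
            findings.append("simple bind configured without a principal")
        if not props.get("java.naming.security.credentials"):
            findings.append("simple bind with empty credentials")
    elif auth == "none":
        findings.append("anonymous bind: the directory must permit it")
    return findings


if __name__ == "__main__":
    for name, text in (("secure", SECURE_CONFIG), ("weak", WEAK_CONFIG)):
        print(name, check_bind_security(parse_properties(text)) or "OK")
```

Running the module prints "OK" for the Listing 1 settings and one finding for the ldap:// variant. The check treats java.naming.security.protocol = ssl as sufficient even with an ldap:// URL, matching the JNDI property's meaning; it does not verify certificate validation or the server's actual TLS configuration.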

It is possible to bind anonymously to an Active Directory. The topic of anonymous LDAP operations on Windows 2003 is covered in the Microsoft Support article 326690 (http://support.microsoft.com/default.aspx?scid=kb;en-us;326690).

Ubisecure Server supports LDAP client-side failover with replicated directories.