Configure Active Directory with the Standard LDAP Service port

By default, Active Directory supports all LDAP connections using the standard 389 port. To configure Transact to use this port, follow these steps:

  1. Modify the user-connectivities.properties file located in <Transact Install Folder>\Application\WEB-INF\classes\META-INF\dcma-user-connectivity.
    user.connectivity_url=ldap://<Servername/IP>:389
    user.connectivity_config=com.sun.jndi.ldap.LdapCtxFactory
    user.connectivity_domain_component_name=test,dc=ephesoft
    user.connectivity_domain_component_organization=com
    user.connectivity_username=cn=User,dc=test,dc=ephesoft,dc=com
    user.connectivity_password=P@ssw0rd
    # This property defines which type of connectivity is used
    # 0 = LDAP
    # 1 = MS Active Directory
    # 2 = Tomcat
    user.connection=1
    # This attribute makes the group search in LDAP/AD configurable; by default cn (commonName) is returned
    user.connectivity_groupSearchAttributeFilter=cn
    # This attribute makes the user (Organisational Unit) search in LDAP/AD configurable; by default cn
    user.connectivity_userSearchAttributeFilter=cn
    # Set this for MS Active Directory
    user.msactivedirectory_context_path=cn=Users;;ou=securitygroup1;;ou=domainusers;;ou=securitygroup2
    # The filter can use |(OR), &(AND) and !(NOT)
    # | (|(cn=a*))
    # & (&(cn=a*))
    # ! (!(cn=a*))
    # complex example: (&(!(cn=a*))(|(cn=ephesoft*)(&(cn=b*))))
    user.msactivedirectory_group_search_filter=

    Change the following properties:

    • user.connectivity_url: URL to the AD/LDAP server.

    • user.msactivedirectory_context_path: Path to the root OU where groups reside. Multiple locations can be specified with a ";;" delimiter (example: OU=Internal Groups;;OU=Contractors).

    • user.connectivity_domain_component_name: Domain component (DC) of the AD store directly below the root DC. Only one value is allowed here, such as 'ephesoft'; values like 'cn=na,cn=ephesoft' or 'cn=ephesoft' are not allowed.

    • user.connectivity_domain_component_organization: Root DC of the AD store (typically "com").

    • user.connectivity_username: User name to connect to the AD server.

    • user.connectivity_password: User password to connect to the AD server.

    • user.msactivedirectory_group_search_filter: Display only the groups that meet the filter value.

    • user.connection: Set to 0 (LDAP), 1 (MS Active Directory) or 2 (Tomcat) to select the configuration used to authenticate users.

  2. Open the server.xml file to set the authentication path for users. The file is located in <Transact Install Folder>\JavaAppServer\conf.
  3. Locate and modify the <Realm> element to set the URL, name, password, pattern, and role base for the Active Directory instance.
    <Realm 
    className="org.apache.catalina.realm.JNDIRealm"
    connectionURL="ldap://YourDomain.com:389"
    connectionName="CN=Ephesoft Service,OU=Users,DC=YourDomain,DC=com"
    connectionPassword="UserPassword"
    userPattern="cn={0},OU=Users,DC=YourDomain,DC=com"
    roleBase="OU=Security Groups,DC=YourDomain,DC=com"
    roleSubtree="true"
    roleName="cn"
    roleSearch="member={0}"/>

    Change the following attributes:

    • connectionURL: This is the URL to the LDAP server.

    • connectionName: User name to connect to the Active Directory server.

    • connectionPassword: User password to connect to the Active Directory server.

    • userPattern: Path and pattern to the users.

    • roleBase: Path to the root where groups reside. Groups must have a common OU to be included in the role base, but can be sub-directories under this specified root.

    • roleSubtree: Attribute to enable searches in sub groups.

    • roleName: Attribute in Active Directory of the groups that should be included.

    • roleSearch: Attribute in the groups specifying the user. The {0} placeholder stands for the authenticating user, so every group whose member attribute contains that user is matched.

  4. Modify the application.properties file located in the \Ephesoft\Application\WEB-INF\classes\META-INF folder.

    Set the following property:

    update_super_admin_group=true

    Set this property to the Active Directory group that should have Super Admin rights.

    user.super_admin=Administrators

    The group name you provide for user.super_admin will have Super Admin access to all Transact functionality. Super Admin users can assign roles to users in other groups in Transact by selecting System Configuration > Access Manager.

    The Super Admin user must be a member of the group defined in user.super_admin in the application.properties file. If this is not the case, an error message will indicate that you are not authorized to view the page.
  5. Restart the server and log on as the Active Directory user, using the cn value (which may be the user's full name) as the user name and the Active Directory password.
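As an added example (not Ephesoft's own code or documentation), the following Python checker parses the dcma-user-connectivity properties from step 1 and flags the mistakes described above: a bad URL, an out-of-range user.connection, a cn= component in the domain component name, malformed ";;"-delimited context paths, and an unbalanced group search filter. The SAMPLE block and host name are constructed for the demonstration.

```python
import re  # added example; the SAMPLE properties below are constructed, not a real deployment
SAMPLE = """\
user.connectivity_url=ldap://dc01.example.test:389
user.connectivity_domain_component_name=test,dc=ephesoft
user.connectivity_domain_component_organization=com
user.connectivity_username=cn=User,dc=test,dc=ephesoft,dc=com
user.connection=1
user.msactivedirectory_context_path=cn=Users;;ou=securitygroup1
user.msactivedirectory_group_search_filter=(&(!(cn=a*))(|(cn=ephesoft*)(cn=b*)))
"""

def parse_properties(text):
    """Parse key=value lines, skipping blank lines and '#' comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def filter_is_balanced(flt):
    """True if the LDAP filter is empty or fully parenthesised with matching parens."""
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0 and (flt == "" or (flt[0] == "(" and flt[-1] == ")"))

def check_connectivity(props):
    """Return a list of findings; an empty list means the settings are consistent."""
    findings = []
    url = props.get("user.connectivity_url", "")
    if not re.match(r"^ldaps?://[^/:]+:\d+$", url):
        findings.append("user.connectivity_url must look like ldap://<host>:389")
    elif url.startswith("ldap://"):  # plain LDAP: the bind password crosses the wire unencrypted
        findings.append("ldap:// bind is unencrypted; use ldaps:// or restrict the network path")
    if props.get("user.connection") not in {"0", "1", "2"}:
        findings.append("user.connection must be 0 (LDAP), 1 (MS Active Directory) or 2 (Tomcat)")
    dc_name = props.get("user.connectivity_domain_component_name", "")
    if "cn=" in dc_name.lower():
        findings.append("domain_component_name must not contain cn= components")
    for part in props.get("user.msactivedirectory_context_path", "").split(";;"):
        if part and not re.match(r"^(cn|ou)=[^,;]+$", part, re.I):
            findings.append(f"context_path entry must be a single cn=/ou= component: {part}")
    if not filter_is_balanced(props.get("user.msactivedirectory_group_search_filter", "")):
        findings.append("group_search_filter has unbalanced or unparenthesised syntax")
    return findings
```

Run it against the real file before restarting the server; the plaintext-bind finding is expected on the port 389 setup this page describes and tells you to limit who can read the properties file and reach the directory over the network.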