Hi Group, I've followed the instructions from the documentation to configure LDAP and Ensemble to authenticate, however, I'm unable to authenticate using an account in the LDAP.  The user is able to authenticate in a Linux shell.  I have added the ObjectClass of IntersystemsAccount and the 3 group definitions to the schema.  Other than adding the user to this group, do I have to change the user's objectClass at all?  

This is not on active directory - it is a Linux based LDAP solution (slapd).

0 3
0 676
Mathew Burt · Oct 19, 2016
LDAP Adapter - Credentials?

I'm writing an operation to use the LDAP Outbound Adapter to query AD.

The operation's settings include a basic Credentials selector, to allow you to use the built in Credentials function of Ensemble. This can be referenced in the operation with ..Adapter.Credentials

1 6
0 565

I was recently asked whether we have a function to convert LDAP date time stamps into $HOROLOG format or other formats and the answer is not at the moment, but there is a simple method to do the conversion.

Let us look at the facts and figures involved...

1) Active Directory's (AD) date 0 (zero) is 1601-01-01 00:00:00.000 or January 1st, 1601 at midnight (00:00:00)

2) AD timestamps are calculated as the number of 100 nanosecond intervals from date 0

3) 864000000000 is the number of 100 nanosecond intervals per day

5 0
0 811

Presenter: Rich Taylor
Task: Use an LDAP schema that differs from the provided default
Approach: Give examples of customized LDAP schema development, using LDAP APIs and ZAUTHORIZE

In this session we explore the various options of for working with LDAP as an authentication and authorization framework. We will look beyond the simple LDAP schemas into working with more complex LDAP configurations that incorporate application level security information.


Content related to this session, including slides, video and additional learning content can be found here.

0 1
0 364

In preparation for a presentation I need a  real-world LDAP schema that has been customized a bit beyond the basics.   Perferably this would be based on an OpenLDAP system which would make it easier to merge into this presentation. 


If you have such a schema you would be willing to share please respond or contact my directly at Rich.Taylor@InterSystems.com

Thanks in advance.

Rich Taylor

0 1
0 266