Skip to main content
Pentaho Documentation

Configure LDAP for the DI Server

You must have a working directory server with an established configuration before continuing.

Follow the instructions below to manually switch from Pentaho default security to LDAP security.

  1. Stop the DI Server.
  2. Change the securities.properties file located in /pentaho-solutions/system folder from provider=jackrabbit to provider=ldap .
  3. Save and close the file, then edit the /pentaho-solutions/system/applicationContext-security-ldap.properties file and modify the localhost and password to match your configuration.
    contextSource.providerUrl=ldap\://localhost\:10389/ou\=system
    contextSource.password=secret
  4. Update adminRole and adminUser for your system, replacing adminRole with the administrator role that you have
    defined in your LDAP server, and replacing adminUser with the user name that has the administrator role assigned
    to it.
    adminRole=cn\=Administrator,ou\=roles
    adminUser=uid\=admin,ou\=users
  5. Save and close the file, then edit the following files in the /pentaho/server/data-integration-server/pentaho-solutions/system/ directory and change all instances of the Administrator and Authenticated role values to match the appropriate roles in your LDAP configuration:pentaho.xmlrepository.spring.propertiesapplicationContext-spring-security.xml
    • pentaho.xml
    • repository.spring.properties
    • applicationContext-spring-security.xml
  6. Delete these two folders from the /pentaho/server/data-integration-server/pentaho-solutions/system/jackrabbit/repository directory:
    • repository
    • workspaces
  7. Restart the DI Server.
The DI Server is now configured to authenticate users against your directory server. The LDAP Properties reference article contains supplemental information for LDAP values.