Skip to main content
Pentaho Documentation

Manual LDAP Configuration

 
You must have a working LDAP server with an established configuration before continuing. Follow the instructions below to manually switch from Pentaho default security to LDAP security.
  1. Stop the Pentaho Server.
  2. Change the securities.properties file located at /pentaho-solutions/system folder from provider=jackrabbit to provider=ldap, and then save and close the file.
  3. Edit the /pentaho-solutions/system/applicationContext-security-ldap.properties file and modify the localhost and password to match your configuration:
    contextSource.providerUrl=ldap\://localhost\:10389/ou\=system
    

     

    contextSource.password=secret
    
  4. Save and close the file.
  5. Optional: if you have the Data Access plugin installed, edit the /pentaho-solutions/system/data-access/settings.xml file and modify the settings to match your LDAP configuration. Find and replace the entries for Administrator in the following examples with the correct administrator name for your LDAP configuration:
    <!– roles with data access permissions –>
    <data-access-roles>Administrator</data-access-roles>
    <!– users with data access permissions –>
    <!–
    <data-access-users></data-access-users>
    –>
    <!– roles with datasource view permissions –>
    <data-access-view-roles>Authenticated,Administrator</data-access-view-roles>
    <!– users with datasource view permissions –>
    <!– <data-access-view-users>suzy</data-access-view-users> –>
    <!– default view acls for user or role –>
    <data-access-default-view-acls>31</data-access-default-view-acls>
    
  6. Save and close the file, then edit the following files in the /pentaho/server/pentaho-server/pentaho-solutions/system/ folder and change all instances of the Administrator and Authenticated role values to match the appropriate roles in your LDAP configuration:
    • pentaho.xml
    • repository.spring.properties
    • applicationContext-spring-security.xml
  7. Delete these two folders from the /pentaho/server/pentaho-server/pentaho-solutions/system/jackrabbit/repository directory:
    • repository
    • workspaces
  8. Optional: for SNMP only, make sure you change the admin user and password in the /pentaho-server/pentaho-solutions/system/karaf/etc/pentaho.jms.cfg file to match your LDAP Admin user and password located in the repository.spring.properties file. 
  9. Restart the Pentaho Server and test the LDAP functionality.

The Pentaho Server is now configured to authenticate users against your directory server. The LDAP Properties reference article contains supplemental information for LDAP values.