This Step by Step guide is intended to demonstrate a basic configuration using Aspire, the LDAP Cache Service, and an LDAP server using a simple authentication method.
Step-by-step guide
Follow these steps
Start Aspire version 4.0 using either the Elasticsearch or MongoDB as NoSQL providers.
Verify connection with the LDAP server either using JXplorer or Softerra LDAP Browser applications.
Add the Group Expansion Manager Service on Aspire (Service Manager page)
Save default configurations for the GEM.
Once verified, add the LDAP Cache service on Aspire (Service Manager page)
Configure the service using at least the following fields.
Group Expansion Manager (previously configured)
Server URL. Example: ldap://<IP_ADDRESS>:<PORT>
Authentication: Simple
LDAP Server password
Check the Use Single Search Base field.
Specify the node in the directory to begin the searches. Example: dc=example,dc=com
Additional fields: User Query and Group Query. These fields required to be set up according to LDAP's configurations. Use the JXplorer or Softerra LDAP Browser to navigate through User and Groups attributes.
The Group Membership Attributes section might be configured as well depending on LDAP's group attributes. Use the JXplorer or Softerra LDAP Browser to navigate through User and Groups attributes. Check the following User and Groups from the LDAP server being used as an example:
Save service configuration. Check the image below with an example of the service configured.
The steps above will let you have the service up and running. If the configurations were provided correctly, Aspire had cached the information about users and groups in the NoSQL provider configured for it.
Let's take a look at the "usersAndGroups" MongoDB collection or corresponding on the Elasticsearch engine for the Group Expansion Manager database.
Aspire provides other resources through the Aspire Debug Console, that will let you run the service and cache users and groups.
Open the Aspire Debug Console.
Click on the LDAP Cache Service name listed on the Top-Level Applications Installed section.
Click on CacheLoadScheduler sub-component.
Click on the Start button on the loadScheduler row. This should cache the users/groups from the LDAP. Some lines must appear in the Aspire Console referring to the start and end of the LDAP information download.
Click the Back button on your IE.
Click on the Main sub-component.
Click on the LdapCache sub-component.
Click on the List button to dump the users/groups cached.