Question

7
Replies
1631
Views
 doug yeager (dougy350)
US Treasury

US Treasury
US
dougy350 Member since 2015 32 posts
US Treasury
Posted: February 13, 2017
Last activity: February 15, 2017
Posted: 13 Feb 2017 9:47 EST
Last activity: 15 Feb 2017 14:31 EST
Closed
Solved

LDAP Authentication Mapping Question

Hi,

I am using Pega 7.2.0. Regarding LDAP authentication, I was wondering if the organization information (that can be specified on the LDAP 'mapping tab' is required for LDAP authentication or is it optional? (my LDAP environment is not yet setup for me to test this).

thanks for your help

Doug

Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.

Accepted Solution

Posted: 4 years ago
Posted: 13 Feb 2017 10:44 EST
Chris Koyl (ChrisKoyl)
PEGA
Client Support Engineer Senior Fellow
Pegasystems Inc.
US

Hi Doug,


The mapping of organization information is optional but if your using a OTB authentication activities like AuthenticationLDAP then you should also modify the activity AuthenticationLDAPVerifyCredentials.  (AuthenticationLDAP calls AuthenticationLDAPVerifyCredentials.)


There is logic on AuthenticationLDAPVerifyCredentials that looks for organizational information passed in from LDAP mapping. This is in step 4 and used to dynamically create the Data-Admin-OperatorID record for users that don't yet have one using a model operator record referenced in the Organization Unit record.


The login activities like AuthenticationLDAP are starting points so you can of course modify these to fit your business needs. They are not final and it's expected some changes will be required.


--Chris


 


 
Posted: 4 years ago
Posted: 13 Feb 2017 11:09 EST
doug yeager (dougy350)
US Treasury

US Treasury
US

thanks Chris, that answers it.


As a side question - when I access the Pega LDAP url, it appears the image and styling links are broken (as shown in attachment). Not sure if you have any idea why?  (I noticed the same web issue when my pega academy session timed out).
Posted: 4 years ago
Posted: 13 Feb 2017 12:46 EST
Chris Koyl (ChrisKoyl)
PEGA
Client Support Engineer Senior Fellow
Pegasystems Inc.
US

This only occurs when you have the prconfig or DSS setting for Authentication/RedirectGuests  set to "false" and are using Custom Authentication.  You only set this configuration setting to false when using PRGateway application used for satisfying same domain origin policy when implementing a Mashup in PRPC 7.2 or lower.


If you are using PRGateway then I have a solution for you. If you are not using PRGateway set Authentication/RedirectGuests to "true"