Configuring the ESF LDAP Security Administration Listener

The following steps provide guidance on how to enable the ESF LDAP security administration web interface for a specific security manager configuration. You must configure the security manager before you start the enterprise server region. Amend some of these steps as required by your particular configuration:

1. In Server Explorer, right-click on Local [localhost:86], and then click Open Administration Page. Alternatively, connect to localhost:86 directly from your internet browser or from the Windows Start menu click Micro Focus Enterprise Developer > Configuration > Enterprise Server Administration.
2. Click Security on the left pane.

   This opens the Configure Security Options page.

3. On the Security Managers tab, click Add.

   This opens the Add Security Manager page.

4. Type a descriptive name in the Name field.
5. Type mldap_esm in the Module field.
6. Type the connection path and port number to your LDAP server in the Connection Path field.
7. Type the credentials that the MLDAP ESM module requires to connect, in the Authorized ID and Password fields.

   The user should have read, write and modify access to the Enterprise Server user, group and resource objects in the LDAP repository.

8. Check Enabled.
9. Type the required cache limit in the Cache limit field.
10. Type the required cache timeout limit, in seconds, in the Cache TTL field.
11. Type a description in the Description field.
12. In the Configuration Information field, add a number of directives to alter the default behaviour. Configure this for your particular LDAP repository. A typical configuration based on the sample configuration would be:

    [LDAP]
    base=CN=Micro Focus,CN=Program Data,DC=somecorp,DC=com
    user container=CN=user-container
    group container=CN=group-container
    resource container=CN=resource-container

13. Click Add.

    This adds the security manager to the Security Manager Pool.

14. Navigate to the Enterprise Server Administration home page by clicking Home on the left pane. You now need to create a listener so you can view the web interface.
15. Click Edit on the row corresponding to the server that you want to attach the listener to.
    Note: Ensure that the server you create the listener for is stopped.
16. Click Server > Properties > Security.
17. Uncheck Use default ES Security Manager configuration.
18. Click Apply.
19. Optionally, in the Security Facility Configuration area, check Use all groups, then click Apply.
20. In the Security Managers List, click Add.

    This opens the Security Managers List page.

21. Click Select for the row that contains the security manager that you created in the earlier steps, and then click Add.

    This adds the security manager to the server's Security Manager List.

22. Type the port number that you want the ESF LDAP security administrator web interface to be accessed on, in the Use port field.

    If you use 0 as the port number then a dynamic port number will be allocated when the server is restarted.

23. Check Enable Security Manager Administration GUI, and then click Apply.

    You can verify that the listener has been added by looking for an ESF Administration GUI entry in the listeners tab

24. Click Server > Control, and then click Start.
25. Use credentials appropriate to your security manager, and then click OK to continue.

    This reopens the Enterprise Server Administration home page.

26. You must wait till the server has started, and then click Edit on the server you have been configuring.
27. Click Server > Properties > Security.
28. Click the URI provided just below the Enable Security Manager Administration GUI checkbox.

    This opens the ESF LDAP security administration web interface within the Eclipse IDE. Alternatively, you can type the URI into one of the supported browsers listed in Prerequisites. You are prompted to type in your username and password before the interface opens.