You are viewing the RapidMiner Server documentation for version 9.0 -Check here for latest version
Changing LDAP settings
By default the LDAP authentication for RapidMiner Server is disabled. If you want to enable it, you need to modify the property filelocal-security.properties
which is located in the/standalone/configuration
folder and restart RapidMiner Server. After you have enabled LDAP authentication both user types (LDAP and local users) should be able to log in to RapidMiner Server.
# # Properties for using LDAP authentication with RapidMiner Server # # enable or disable LDAP authentication ldap.enabled=false # provider url ldap.providerUrl=ldap://host:port/dc=DomainComponent # user/pass to access ldap ldap.user=cn=CommonName,dc=DomainComponent ldap.password=changeit # search settings ldap.search.base=ou=OrganizationUnit ldap.search.filter=(&(objectClass=user)(userPrincipalName={0}@active.directory.domain)) # group properties ldap.group.roleAttribute=distinguishedName # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000
The content of the property file depends on your environment. In the following we list two example configurations for different authentication providers.
# enable LDAP authentication ldap.enabled=true # provider url ldap.providerUrl=ldap://SERVER:3268/DC=ad,DC=rapidminer,DC=com # user/pass to access ldap ldap.user=CN=admin,DC=ad,DC=rapidminer,DC=com ldap.password=ADMIN_PASS # search settings ldap.search.base=ou=rapidminer_devs ldap.search.filter=(&(objectClass=user)(userPrincipalName={0}@ad.www.turtlecreekpls.com)) # group properties ldap.group.roleAttribute=distinguishedName # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000
# enable LDAP authentication ldap.enabled=true # provider url ldap.providerUrl=ldap://SERVER:389/dc=rapidminer,dc=com # user/pass to access ldap ldap.user=cn=admin,dc=rapidminer,dc=com ldap.password=changeit # search settings ldap.search.base=ou=rapidminer_devs ldap.search.filter=(&(objectClass=inetOrgPerson)(uid={0})) # group properties ldap.group.roleAttribute=cn # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000
During the initial setup phase of LDAP, it might be helpful to have a look at login messages and errors. To enable logging these to the console output of RapidMiner Server, you need to edit thestandalone.xml
located in thestandalone/configuration
folder of your RapidMiner Server installation. Find the
entry and change thelevelof the
toDEBUG. Note that by default, these messages are already logged to theserver.log
located in thestandalone/log
folder of RapidMiner Server.
You can also encrypt the content of yourlocal-security.properties
. Lookhereto find out how.