Categories

Versions

You are viewing the RapidMiner Server documentation for version 9.0 -Check here for latest version

Changing LDAP settings

By default the LDAP authentication for RapidMiner Server is disabled. If you want to enable it, you need to modify the property filelocal-security.propertieswhich is located in the/standalone/configurationfolder and restart RapidMiner Server. After you have enabled LDAP authentication both user types (LDAP and local users) should be able to log in to RapidMiner Server.

# # Properties for using LDAP authentication with RapidMiner Server # # enable or disable LDAP authentication ldap.enabled=false # provider url ldap.providerUrl=ldap://host:port/dc=DomainComponent # user/pass to access ldap ldap.user=cn=CommonName,dc=DomainComponent ldap.password=changeit # search settings ldap.search.base=ou=OrganizationUnit ldap.search.filter=(&(objectClass=user)(userPrincipalName={0}@active.directory.domain)) # group properties ldap.group.roleAttribute=distinguishedName # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000

The content of the property file depends on your environment. In the following we list two example configurations for different authentication providers.

# enable LDAP authentication ldap.enabled=true # provider url ldap.providerUrl=ldap://SERVER:3268/DC=ad,DC=rapidminer,DC=com # user/pass to access ldap ldap.user=CN=admin,DC=ad,DC=rapidminer,DC=com ldap.password=ADMIN_PASS # search settings ldap.search.base=ou=rapidminer_devs ldap.search.filter=(&(objectClass=user)(userPrincipalName={0}@ad.www.turtlecreekpls.com)) # group properties ldap.group.roleAttribute=distinguishedName # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000
# enable LDAP authentication ldap.enabled=true # provider url ldap.providerUrl=ldap://SERVER:389/dc=rapidminer,dc=com # user/pass to access ldap ldap.user=cn=admin,dc=rapidminer,dc=com ldap.password=changeit # search settings ldap.search.base=ou=rapidminer_devs ldap.search.filter=(&(objectClass=inetOrgPerson)(uid={0})) # group properties ldap.group.roleAttribute=cn # user properties ldap.user.displayNameAttribute=cn ldap.user.emailAttribute=email # timeout in sec for cached authentications ldap.cache.timeout=60 # LDAP connection timeout in ms i.e. how long RapidMiner Server should wait for the LDAP server to respond. ldap.connection.timeout=10000

During the initial setup phase of LDAP, it might be helpful to have a look at login messages and errors. To enable logging these to the console output of RapidMiner Server, you need to edit thestandalone.xmllocated in thestandalone/configurationfolder of your RapidMiner Server installation. Find theentry and change thelevelof thetoDEBUG. Note that by default, these messages are already logged to theserver.loglocated in thestandalone/logfolder of RapidMiner Server.

You can also encrypt the content of yourlocal-security.properties. Lookhereto find out how.