Fire can be configured to authenticate users with LDAP. Below are some ways to troubleshoot the LDAP configuration.
Testing LDAP connection with ldapsearch
It is a good idea to test the LDAP environment setup using ldapsearch. This confirms that the machine is set up correctly for LDAP: it can connect to the LDAP server, the LDAP username and password are correct, and, if using LDAPS, the SSL certificates are good.
Testing Getting User Details from LDAP
cd to your installation directory
Create a properties file called ldaptestconfig.properties
Below is an example:
ldap_attributeUserName=myLdapUsername
ldap_Order="DB_LDAP";
ldap_URL="ldap://localhost:10389";
ldap_base="dc=example,dc=com";
ldap_userDn="uid=john,ou=bindusers,dc=example,dc=com";
ldap_password="johnspassword";
ldap_userSearchBase="ou=sparkflow";
ldap_userSearchFilter="(uid={0})";
ldap_groupSearchBase="ou=groups";
ldap_groupSearchFilter="member={0}";
Fetch the user details for the user xyz with the following command:
java -cp app/fire-ui-3.1.0.jar -Dloader.main=fireui.ldap.LDAPTest org.springframework.boot.loader.PropertiesLauncher xyz
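The ldapsearch check from the first section can be built from the same ldaptestconfig.properties values, so both tests exercise one set of settings. The script below is an added example, not part of Fire or its documentation; the function names are hypothetical. It assumes that the quotes and trailing semicolons in the file are delimiters, that ldap_userSearchBase is relative to ldap_base, and that {0} in the filter stands for the login name.

```shell
#!/bin/sh
# Added example: build an ldapsearch test from ldaptestconfig.properties.

# Constructed sample config, reusing values from the example file above.
write_sample_cfg() {
  cat > "$1" <<'EOF'
ldap_URL="ldap://localhost:10389";
ldap_base="dc=example,dc=com";
ldap_userDn="uid=john,ou=bindusers,dc=example,dc=com";
ldap_userSearchBase="ou=sparkflow";
ldap_userSearchFilter="(uid={0})";
EOF
}

# prop FILE KEY: print the value with the trailing ';' and the quotes removed
# (assumption: they are delimiters, not part of the value).
prop() {
  sed -n "s/^$2=//p" "$1" | head -n 1 |
    sed -e 's/;[[:space:]]*$//' -e 's/^"//' -e 's/"$//'
}

# user_search_cmd FILE USERNAME [run]: print the search, or execute it with "run".
user_search_cmd() {
  cfg=$1 user=$2 ph='{0}'
  case $user in   # keep filter metacharacters out of the search filter
    ''|*'*'*|*'('*|*')'*|*'\'*)
      printf '%s\n' 'refusing username: empty or has filter metacharacters' >&2
      return 1 ;;
  esac
  url=$(prop "$cfg" ldap_URL)
  bind_dn=$(prop "$cfg" ldap_userDn)
  # Assumption: ldap_userSearchBase is relative to ldap_base.
  base="$(prop "$cfg" ldap_userSearchBase),$(prop "$cfg" ldap_base)"
  tmpl=$(prop "$cfg" ldap_userSearchFilter)
  pre=${tmpl%%"$ph"*}    # filter text before {0}
  post=${tmpl#*"$ph"}    # filter text after {0}
  filter="$pre$user$post"
  if [ "${3:-}" = run ]; then
    # -x: simple bind; -W: prompt for the bind password (not in argv or history)
    ldapsearch -x -H "$url" -D "$bind_dn" -W -b "$base" "$filter"
  else
    printf "ldapsearch -x -H '%s' -D '%s' -W -b '%s' '%s'\n" \
      "$url" "$bind_dn" "$base" "$filter"
  fi
}

demo_cfg=$(mktemp) && write_sample_cfg "$demo_cfg" && user_search_cmd "$demo_cfg" xyz
rm -f "$demo_cfg"
```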
What if I get locked out?
ldap.Order determines the order in which Fire tries to log in the user. In case you are locked out of Fire and are not able to log in, you can do the following:
Add the below line to conf/configuration.properties
ldap.Order=DB
Then restart the Fire server. Now you should be able to log in with your admin account.
Once things are back to normal, you can remove the line you added to configuration.properties and restart the Fire server.