In this configuration, when a login to the Definition Center is attempted from either iRise Studio or Reader, the authentication is handled by the LDAP server.
There are a few important points to keep in mind when setting up a Definition Center to authenticate using an LDAP server:
- Usernames in iRise Definition Center must correspond to the usernames on the LDAP server.
- User permissions (rights to projects and folders) are still controlled by the user profile project permissions in iRise.
- Turning LDAP authentication on for a Definition Center disables the Change Password feature for non-administrative users and the Reset Password feature for administrative users.
When LDAP is enabled, the Definition Center attempts to authenticate all users via the LDAP server.
1. Click on your name in the top-right corner > Administration & Settings > LDAP Authentication.
2. Select Yes under 'Use LDAP for user authentication'. The LDAP configuration settings become active.
3. Configure your LDAP settings.
4. Click Save.
If you haven't created a username in Definition Center that matches the one in your LDAP server, you will not be able to save the credentials.
The iRise Definition Center service must be restarted for LDAP changes to take place.
Importing the LDAP Server’s Certificate (applies to LDAPS only)
- Open a command prompt and navigate to
- Run the following command:
keytool -import -trustcacerts -alias alias -file certificate_filename -keystore C:\iRise\DefCenter\jvm64\jre\lib\security\cacerts
For the -alias option, you can assign any value.
For the -file option, specify the fully qualified name of the LDAP server’s certificate. For example: C:\mycertificate.cer
- When prompted, enter the keystore password. The default password is changeit
- When prompted to trust this certificate, enter yes
- The following message appears: Certificate was added to keystore