If you have configured the Content Manager so that it can access LDAP directories, you can add users from an LDAP compliant directory service.
Before you begin
The information in this section assumes that you have already set up impersonation users and LDAP is already configured and working. For more information on LDAP configuration, see the implementor's documentation portal.
Archive Manager Explorer does not support:
- LDAP used in combination with the Business Connector.
- The importing membership to User Groups from LDAP.
Procedure
- Open Internet Information Services (IIS) Manager.
- Go to the SDL Archive Manager Explorer Web application and open the
Web.Config file located in the root folder in a text editor.
- In the
<tridionConfigSections> section, enable the following line and specify the full path to your Tridion.ContentManager.config file:
<add filePath="C:\Program Files (x86)\Tridion\config\Tridion.ContentManager.config" />
- In the
<system.web><httpModules> section, enable the following line:
<add name="LdapAuthenticationHttpModule" type="Tridion.Security.Web.LdapAuthenticationHttpModule, Tridion.Security, Version=6.1.0.25, Culture=neutral, PublicKeyToken=ddfc895746e5ee6b" />
- Only if you use IIS 7.5, in the
<system.webServer><Modules> section, enable the following line:
<add name="LdapAuthenticationHttpModule" type="Tridion.Security.Web.LdapAuthenticationHttpModule, Tridion.Security, Version=6.1.0.25, Culture=neutral, PublicKeyToken=ddfc895746e5ee6b" />
- In the
<appSettings> section, set the authorization.method value:
- In the
<appSettings> section of your In the Web.Config file, locate the following line and specify the TCM URI of your Archive Manager User Group in the value field. For example:
<add key="security.group.uri" value="tcm:0-24-65568"/>
- Save and close
Web.Config.
- In IIS, make sure the SDL Archive Manager Explorer application pool Identity is set to
Network Service (the default).
- Configure IIS security settings:
- Select the SDL Archive Manager Explorer Web site and double-click the Authentication icon on the right.
- Select the Anonymous Authentication row and click Enable in the Actions area on the right.
- Select each of the other rows in turn and for each row, click Disable in the Actions area on the right. (If necessary, you could choose to keep Digest Authentication and Forms Authentication enabled.)
- Close IIS.