Documentation Center

Enabling LDAP users to log in using another user account

By default, every valid LDAP user is assumed to be a valid Contenta user as well.

About this task

If this is not the case (that is, if you want to disable some LDAP users from accessing Contenta), you can specify who is and who is not a Contenta user in an LDAP user attribute, and enable a check of that attribute in xyldap.cfg.

Procedure

  1. Ensure that in LDAP, each user who wants to log in using a different user name has that alternative user name specified as the value of a specific (new or existing) LDAP user attribute. For example, you might choose to repurpose the LDAP description attribute for this.
  2. Ensure that in LDAP, the alternative user has a specific (new or existing) LDAP user attribute set to TRUE, to indicate that that user is a Contenta user. For example, you might choose to create a new LDAP isContentAUser attribute for this.
  3. Open xyldap.cfg for editing.
  4. Ensure that contenta_login_name_check is present and set to true.
  5. Ensure that contenta_login_name_attr is present and set to the name of the LDAP attribute that contains the alternative user name (in our example, description).
  6. Ensure that is_contenta_user_check is present and set to true.
  7. Ensure that is_contenta_user_attr is present and set to the attribute that specifies if the alternative user is a valid Contenta user (in our example, isContentAUser).
  8. Save and close xyldap.cfg
  9. Restart PcmPortal.