Primavera Unifier 作为一款全球企业级的项目管理产品,在用户认证层可直接支持LDAP类型集成单点登录,而且是0代码,只要有完全的环境即可快速配置,0上手的同学可以参照官方的原文操作
Authentication Tab (LDAP Double Bind)
The Lightweight Directory Access Protocol (LDAP) is a protocol for querying, and modifying, directory services. The Administrator can configure the server to use either simple-bind or double-bind authentication.
Authentication Type: LDAP Double Bind
Login URL: Enter the URL to log in to Unifier.
Provider: To connect the LDAP server (URL), for example,
ldap://ldap.zyz.com:636
SSL: To connect to the Secure Sockets Layer (SSL) enabled port of the LDAP server.
When Unifier is configured with JDK 8 and integrated with LDAP SSL:
- Add "-Djdk.tls.client.protocols=TLSv1" Java option to setenv.sh file.
- Restart Unifier.
The above settings enable you to log in using LDAP SSL.
Example
Setting in setenv.sh file: export
JAVA_OPTIONS="$JAVA_OPTIONS
-Djdk.tls.clent.protocols=TLSv1"
Provider Base: (Optional) When you select the Double Bind method of authentication, you need to find the user's DN and then authenticate them. Finding the user's DN is used as the base for searching the LDAP tree. If the Provided Base is not set, the root is assumed by the system:
ldap.provider.base
Authorized User: When using the Double Bind method of authentication, find the user's Distinguished Name (DN) and then authenticate. This is used as the "trusted" or "search" login user's DN (first bind).
Authorized User Password: When using the Double Bind method of authentication, this is the authorized user's login password.
Search Field: The default value is "cn." You need to enter the node field that you want to search.
Admin User Bypass: To allow the administrator bypass the LDAP login.
Test User Name (not Saved): Enter the LDAP user name to test the LDAP server.
Test User Password (not Saved): Enter the LDAP password to test the LDAP server.
当然,对原来不理解的可以可以参考如下配置图,
我的ldap服务和unifier是同属于一台服务器,host: 192.168.13.13 / adserv02.raininghome.com
coadmin 一定要在ldap中先创建好,无论是在配置测试项还是登录unifier系统均引用ldap用户的口令
确实信息无误后,TEST LDAP , succeeded 即可
确认TEST 成功后,save configration and restart unifier server
没有多余的操作,简单干脆。
再登录unifier可以发现,口令已被托管
以上便是Primavera Unifier用户登录与AD(LDAP)域的集成过程,其实挺简单,只要有完整的环境即可操作。
需要了解Primavera P6登录与AD(LDAP)域的集成过程,移步到 https://blog.csdn.net/kping163/article/details/95167405
欢迎志同道合的朋友一起参与探讨及合作 !
蚕豆哥联系方式:kangpingchn@gmail.com 或 Wechat 18620728408