...
Panel |
---|
|
- Install the binary under
/usr/local/bin:
Panel |
---|
|
Configuration for LDAP Authentication
The UDMG Authentication Proxy is capable to use a LDAP Service to authenticate users for UDMG Admin UI:
Panel |
---|
|
...
# Proxy Configuration
[proxy]
# Port, default "5000"
port = "5000"
# Network interface, default "0.0.0.0"
inet = "127.0.0.1"
# Enable recover on panic, default true, should be true for production environment
recover = true
# Enable Cross-Origin Resource Sharing (CORS), should be true for production environment
cors = true
# Enable Request Track ID, default true
tracker = true
# Enable Request Logger, default true
logger = true
# Rate Limit IP Request over 1 second, default 0 (unlimited)
limit = 0
# Enable the Prometheus Metric Endpoint '/metric', default false
metrics = false
...
# Credentials for the synchronization from LDAP to MFT service
# this user must have permission to create/update UDMG users
[service.mft.credential]
username = "ldap_sync"
password = "ldap_password"
# LDAP Configuration
[service.mft.auth.ldap]
# LDAP Server DC with OU
dn = "ou=users,dc=stonebranch,dc=com"
# LDAP Server FQDN or IP
hostname = "myldap.server.fqdn.com"
# LDAP Server Port
port = "1389"
The LDAP replication requires a user with permission for creating and updating users. For example to create the 'ldap_sync' user with the command line interface:
Panel |
---|
|
...
- Install the binary under
/usr/local/bin:
Panel |
---|
|
UDMG Agent Proxy
Create a directory under
/etc/mft:
...