Create a text file with input properties for the secadm utility

The secadm utility uses a text file of properties as input for the command. You can create the file manually following instructions here or copy / paste the content in the next section.

  1. In the next step, you create a loginscheme "LDAPBIND." Make sure this logincheme does not already exist on your system.

    If it does exist, use a differnt name for the new loginscheme, for example, LDAPBIND_LMRK.

  2. Create a text file named LDAPAUTH.txt that contains the following properties:
    Note: For readability, the following file output example includes return characters. If you choose to copy/paste this content, depending on the tools you use, you might need to remove the return characters from your file. (See next section.)
    loginscheme add LDAPBIND 
    --ctxfactory com.sun.jndi.ldap.LdapCtxFactory 
    --schemetype WebUPLogin 
    --loginprocedure LDAPBind 
    -–provider ldap://LDAPSERVER:LDAPSERVER_PORT 
    --rdn LDAPSERVERRDN 
    --namingattr userPrincipalName 
    --multiplecontainers yes 
    --searchfilter "(&(<NAMING_ATTR>=<NAMING_ATTR_VALUE>)(objectclass=<STRUCTURAL_OBJCLASS_VALUE>))" 
    --searchstructclass user 
    --searchbinddn DN_LDAP_user 
    --searchbindpassword PASSWORD of ldap user 
    --referral follow 
    --derefalias always

    where

    • DN_LDAP_user is the Distinguished Name of the LDAP user at your site. In some cases, the user name must be in quotation marks, for example, "CN=lawson,CN=users,CN=Business Testing,DC=infor,DC=com"

    • LDAPSERVER:LDAPSERVER_PORT is the fully qualified name of your LDAP server and the LDAP port

    • LDAPSERVERRDN is the Relative Distinguished name and is usually the base of your LDAP structure For example: DC=infor,DC=com Depending on your configuration, if you get a Timeout error authenticating to grid against the LDAPBIND port as you will configure later, you may need to adjust the RDN to be a more specific container such as CN=Users,DC=infor,DC=com

  3. Make sure you save the file after making edits.