How To: HVRVALIDPW for LDAP users
This article provides the procedural steps to integrate LDAP and Local Data Processing Software to limit Local Data Processing Functions by hvr user.
The steps in this document applies to Local Data Processing on your HUB Server and for all Local Data Processing versions on any platform (Windows or Linux/UNIX) platforms.
You have multiple sites managing your Local Data Processing Replication. You may have a need to limit one groups access to Local Data Processing. Limiting a group will allow you to control what groups have the ability to perform certain hvr functions that can manipulate your databases.
1.Local Data Processing GUI on your HUB
2.PIP is installed
3.Python 2.7.9 - 2.7.12
4.Ldap3 module via pip on your HUB
Install python 2.7 thru 2.7.12 where your Local Data Processing HUB will reside
Set your PATHS to PYTHON
Install Python module LDAP3
Modify Local Data Processing relevant files
Permissions/Access Level - Limiting Local Data Processing user by AccessLevel- (Optional):
The following are detailed steps to activate HVRVALIDPW for your LDAP services.
Step 1] Make sure python 2.7.9 – 2.7.12 is installed on your hub machine
- PS C:/hvr/hvr_home/bin> python –version
- Same command for Linux
Step 2] Set your PATH to your Python directory on your hub machine
- PS C:/hvr/hvr_home/bin> set PATH=%PATH%;C:Python27
- Same command for Linux, but replace %PATH% with $PATH and proper path to Python27 directory
Step 3] Make sure pythonldap3 library is installed on your hub machine (pip must be installed)
NOTE: pip module must be installed: shell>yum pip
- Windows: PS C:/hvr/hvr_homebin> pip install ldap3
- Linux: shell/hvr/hvr_home/bin > python -m pip install python-ldap3
- OR Linux: shell/hvr/hvr_home/bin > pip install python-ldap3
Step 4] Open HVR_HOME/lib/< access_rights.conf_example >
NOTE: Make backup files for original files that need to be renamed.
- This file will have user to access level mapping example for you to modify by user
- Set your ldap user1 as a ReadOnly user – in example user is satestro
- Set your ldap user2 as a ReadExec user – in example user is satestrexec
- Set your ldap user3 as a ReadWrite(super) user – not in example
- Most importantly save This file as access_rights.conf
Access_rights.conf (After edits – working example)
Step 5] Two files to perform actions on.
- Create a copy of hvrvalidpwldap file (not the conf example)
- copy hvrvalidpwldap to hvrvalidpw
- HVR_HOME/lib/ hvrvalidpwldap.conf_example
- copy hvrvalidpwldap.conf_example to hvrvalidpwldap.conf
- and edit adding your LDAP_Server value. Example below.
- In hvrvalidpwldap.conf enter your LDAP server on the line <LDAP_Server=> (my example below is using localhost)
Step 6] Start your hvrRemoteListener with the -A option
- Make sure HVR remote listener is started with -A option
PS C:/hvr/hvr_home/bin> .hvrremotelistener.exe -A -acs 4343
shell/hvr/hvr_home/bin> ./hvrremotlistener.exe –A 4343
Step 7] Connecting to your Local Data Processing HUB using your LDAP user
- Register HUB using your LDAP user
- satestro is my LDAP user in this example
Step 8] Verify you are connected by viewing your HVR GUI