ExCM, LDAP and SharePoint

I have seen a couple of posts here about using authentication providers other than SQL as the authorization store for ExCM. The responses have typically been yes, it will work. However, in looking through the documentation that comes with ExCM, I don't see any clear explanation of HOW to do it. I also don't see any way to make changes to ExCM in order to facilitate connecting to the alternative authentication source.

My questions:

1. Can ExCM be manipulated through the GUI or command line to connect to a non-MS LDAP (OpenLDAP) provider? This can be either before or after the application installation.

2. If this action cannot be accomplished through the GUI or command line, how exactly can it be done?

Thanks!


2 Comments

  • Matthew McBride

    Alternate providers are configured via the web.config file. MOSS supports the LdapMembershipProvider which can be used to connect to alternate non-MS LDAP stores. We don't provide configuration information for providers other than SQL because typically they involve some proprietary configuration or detailed change management. You will find a number of samples on the web that outline this configuration. Here is one example...

    http://technet.microsoft.com/en-us/library/cc197251.aspx

     A couple of notes regarding the LdapMembershipProvider provided by MOSS. It does not support profiles or any of the membership password operations like change or reset password. It will support authentication and LDAP roles.

    Jeremy Luerkens
    Manager, Software Production
    SharePoint Solutions
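An illustration of the kind of web.config entries the reply above refers to, added here as an example; it is not taken from this thread or from ExCM's documentation. It assumes MOSS 2007 (assembly version 12.0.0.0); the host name, container DNs and attribute mappings are constructed placeholders for a hypothetical OpenLDAP directory and must be matched to the real schema, and the provider names LdapMembership and LdapRole are arbitrary.

```xml
<!-- Added example: fragment for the <system.web> section of web.config.
     Server name, DNs and attribute mappings are constructed placeholders. -->
<membership defaultProvider="LdapMembership">
  <providers>
    <!-- useSSL="true" on the LDAPS port keeps the bind credentials off the
         wire in clear text; the directory's certificate must be trusted by
         the SharePoint server. -->
    <add name="LdapMembership"
         type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
         server="ldap.example.com"
         port="636"
         useSSL="true"
         userDNAttribute="entryDN"
         userNameAttribute="uid"
         userContainer="ou=people,dc=example,dc=com"
         userObjectClass="inetOrgPerson"
         userFilter="(objectClass=inetOrgPerson)"
         scope="Subtree"
         otherRequiredUserAttributes="sn,givenName,cn" />
  </providers>
</membership>

<!-- Role lookups use a separate provider with its own group mappings. -->
<roleManager enabled="true" defaultProvider="LdapRole">
  <providers>
    <add name="LdapRole"
         type="Microsoft.Office.Server.Security.LDAPRoleProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
         server="ldap.example.com"
         port="636"
         useSSL="true"
         groupContainer="ou=groups,dc=example,dc=com"
         groupNameAttribute="cn"
         groupMemberAttribute="member"
         userNameAttribute="uid"
         dnAttribute="entryDN"
         groupFilter="(objectClass=groupOfNames)"
         scope="Subtree" />
  </providers>
</roleManager>
```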
  • Matthew McBride

    Thanks Jeremy, I figured as much. I have it configured so that I can resolve users in the PeoplePicker but when I try and log into the external site as one of those users I cannot. I get the "Server could not log you in" message.

    Has to be something in the web.config file but I can't figure out what it is. Of course it might be easier if we weren't being forced into using an LDAP store that employs a heavily modified schema. :-(

     I appreciate the response!

     

    Jay 
