Configure Pentaho Business Analytics for LDAP Authentication

SERVERS

In order to learn how to setup the Pentaho Business Analytics suite to use LDAP authentication I put together the following virtual machines:

  1. CentOS 6.6 Linux – running Pentaho Business Analytics suite (automatic, GUI install)
  2. CentOS 7 Linux – running Apache Directory Service LDAP server (http://directory.apache.org)
  3. Apache Directory Studio (http://directory.apache.org/studio/) installed on both the ApacheDS server and on the Windows 7 host machine

For my own benefit as much as anything at this point I’d like to point out that I have a couple of configuration issues with the Pentaho BA server start-up:  currently I have to manually start PostgreSQL and restart the BA server.  These are the commands I use to do this:

Make sure I’m in my Pentaho installation directory:

$ pwd

/home/pentaho/Pentaho

$ ./ctlscript.sh start postgresql

$ ./ctlscript.sh restart baserver

The ApacheDS service is also started manually – at this point I’m not sure why the /etc/init.d script doesn’t automatically start it…  The command used is:

$ sudo /etc/init.d/apacheds-2.0.0_M19-default start

To confirm ApacheDS is running on, and on which port (documentation suggests both 10389 and 389 for non-SSL connections)

$ netstat -a | grep 389

The ApacheDS server firewall configuration required that I change the Permanent configuration for Services and add the 10389 (TCP) port manually.

CONFIGURING LDAP

Using the Apache Directory Studio software installed locally on the Windows host machine here’s how I connected to the ApacheDS server – click on the “New Connection…” button in the Connections window:

 
ldap-connection-settings-1.PNG
 

Next, on the Authentication tab, I entered the default Bind details. The default password is “secret”. All other details were left at their default settings. Details on how to change the default password can be found here: ApacheDS – changing the default password

 

ldap-connection-settings-2.PNG

 

Using instructions I found here: LDAP – Apache Directory Studio: A Basic Tutorial I configured the following entries:

 

http://www.nigelpond.com/images/ldap-entries-1.PNG

http://www.nigelpond.com/images/ldap-entries-2.PNG

http://www.nigelpond.com/images/ldap-entries-3.PNG

http://www.nigelpond.com/images/ldap-entries-4.PNG

 

CONFIGURING PENTAHO

Then, from the Pentaho BA suite web login page, I configured and tested the LDAP authentication settings. Here follow screenshots of these settings – there is some overlap in some of the images…

 

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-1.PNG

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-2.PNG

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-6.PNG

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-3.PNG

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-4.PNG

http://www.nigelpond.com/images/configuring-pentaho-business-analytics-suite-for-ldap-5.PNG

 

Then, finally, you’re able to log into the Pentaho Business Analytics web interface using an LDAP authenticated user:

UPDATE: I needed to set up a new environment like this and using the same settings I’ve found that entering the UID – in this case ‘npond’ – the login doesn’t work. But, if I enter my CN ‘Nigel Pond’ it works…

 

http://www.nigelpond.com/images/logging-in-to-pentaho-using-ldap-authentication.PNG

 
 



Comments are closed.