LDAP Configuration for Windows

Perform the below steps for configuring LDAP on Gathr.

Step 1: Configure SSL Certificate

If LDAP server is hosted on SSL, perform the following steps, else skip to Step 2.

Steps to install the Certificate-

  1. Log in to the machine where Gathr is installed i.e. Gathr server.

  2. Save the Trusted Certificate from LDAP administrator, on Gathr server.

  3. Right-click on the Certificate and click Install Certificate.

  4. Select Local Machine and click Next.

  5. Select Place all Certificates in the following store.

  6. Click Browse and select Trusted Root Certification Authorities.

  7. Click Ok and Finish.

Steps to add Certificate to JVM Trusted Store-

Prerequisite - ADS Trusted Certificate

Note: The certificate will be provided by the ADS administrator.

Follow the steps given below to run the command prompt as an Administrator and add the certificate to JVM Trusted Store:

  1. Login to the Server where Gathr is installed.

  2. Open run by pressing “window + r” on keyboard and type msc and press Enter. Or, type services.msc in windows search bar (next to Start) and press Enter.

  3. The list of all the services will appear in a new window.

  4. On the right–side, under Name column, search for “Klera Elasticsearch” service.

  5. Right-click on “Klera Elasticsearch” and click on Stop.

  6. Click on Yes in the pop-up window that appears on the screen, if you want to stop these services.

  7. Wait for all the services to stop.

  8. Search for service name “Klera Electron Service”.

  9. Right-click on “Klera Electron Service” and click on Stop.

  10. Wait for service to Stop.

  11. Copy ADS SSL Certificate in folder "<Klera Root Directory (For example: C:\Program Files\Klera\Klera)>”\Tools\InstallADSCertificateToKlera". Validate that"InstallADSCertificateToJVM.bat" file is also present in this folder.

  12. Rename SSL Certificate file name to “ADS_SSL.cer”, in case it is different.

  13. Open the command prompt with Administrative rights and go to "<Klera Root Directory (For example: C:\Program Files\Klera\Klera)>”\Tools\InstallADSCertificateToKlera".

  14. Run the file “InstallADSCertificateToJVM.bat” as mentioned below:

InstallADSCertificateToJVM.bat “<PATH_to_JRE>”

Here, PATH_to_JRE is the path of JRE installed on the Gathr machine like “C:\Program Files\Java\jre1.8.0_201”.

  1. When the certificate is added successfully, a command prompt will open and the following message will get displayed-“Certificate was added to keystore. Press any key to continue . . .”.

  2. Start Gathr services in below order. Follow step#2 for opening service. For starting service, search for service name mentioned below, then right-click on service and click on Start.

  • ​Klera Elasticsearch.

  • Klera Electron Service.

  • Klera PE Core Service Group.

  • Klera Clustering Data Service

  • Klera Content Viewer Service.

  • Klera Machine Learning Service.

  • Klera SDLC Google Search Service.

  • Klera SDLC Service Group.

  • Post restart of above listed services, you can configure ADS running on SSL protocol with Klera.

Step 2: Configure LDAP on Gathr

  1. Login to Gathr.

  2. Right-click on the Floor (The empty canvas displayed after successful login). A context menu will appear.

  3. Select Security -> Configure Authentication Mode to open the form (as shown in the following screenshot).

  1. Select LDAP option from Authentication Mode and fill in rest of the details.

Open Advanced Settings: This is required to define or update user schema and group schema settings.

  • If Directory Server Type is Microsoft Active Directory, OpenLDAP or Apache Directory Server, user and group schema settings can be modified using ‘Open Advance Settings’.

  • In case of Custom directory server type LDAP, server schema settings need to be defined by admin. Enable/ Disable ‘Open Advance Settings’ checkbox based on Directory Server Type that has been selected.

Note: If ‘Auto Enabled User ‘option is selected, users synced from ADS will automatically get enabled on Gathr. Else, Gathr admin will have to enable the users manually.

  1. Click Configure.

  2. If you have selected ‘Open Advance Settings’, the below screen will appear. Validate/ Configure the parameter values in the form. Click Apply.

After successful completion of above steps, users can enter their Active Directory Username and Password to log in to Gathr.

If you have any feedback on Gathr documentation, please email us!

← Pre-Configuration
LDAP Configuration for Linux →