Add an LDAP Server

This section explains how to define an LDAP/LDAPS server for authentication in an Exasol database.

For more information about using LDAP, see the links in See Also.

This procedure is carried out using ConfD.

Prerequisites

  • The database must be stopped. For more information, see Stop a Database.

  • The database nodes must be able to connect to the LDAP server.

Procedure

The following examples use the command-line tool confd_client in a Linux terminal connected to a database node. For more information about how to use this tool, see ConfD.

  1. To find the name of the database, use the ConfD job db_list. For example:

    confd_client -c db_list
    - Exasol
  2. To add an LDAP server, use the ConfD job db_configure.

    The LDAP Server URL must start with either ldap:// or ldaps:// and must be reachable by the host. If the LDAP server is not using the default ports (389 for ldap, 636 for ldaps), add the port to the LDAP Server URL. You can add multiple LDAP server addresses as a comma-separated list. The servers will then be tried in successive order.

    For example:

    confd_client -c db_configure -a '{db_name: Exasol, ldap_server: "ldap://192.168.16.10:389, ldap://192.168.16.11:389, ldap://192.168.16.12:389"}'

    The Exasol database can only authenticate against one LDAP server. The additional LDAP servers are only used if the first LDAP server is unavailable.

  3. Start the database. For more information, see Start a Database.

Verification

To verify that the database is configured with the new properties, use the ConfD job db_info:

confd_client -c db_info -a 'db_name: Exasol'

See Also