MindTouch has a built-in module that makes it easy to connect to external LDAP or Active Directory servers. This tutorial walks you through how to add it.
To get started, log in to your MindTouch installation and go to the Control Panel. In the Control Panel, click the Authentication link on the side.
On the Authentication page, click the Add Authentication Service tab at the top of the screen. This opens the Add Authentication Service screen.
From here, click the Choose an authentication provider dropdown and select the authentication provider you want to use. In this example we are going to select Microsoft Active Directory.
This pre-populates the configuration with the key values that you need to adjust for your setup, as follows:

- Description - This is the name of the Authentication Service entry. It is visible to end users on the login page as a radio button.
- The Type needs to stay as Native. This refers to the MindTouch extension itself, as opposed to the authentication server.
- There are a couple of options for the SID, depending on which version of MindTouch you are on. The prefilled SID should be accurate, but if you are switching between MindTouch products, here are the available SIDs:
  - MindTouch Core SID is: sid://mindtouch.com/2007/05/ldap-authentication
  - Commercial MindTouch SID is: sid://mindtouch.com/ent/2009/03/ldap-authentication
- On the login page you will have the option to select how you authenticate to MindTouch. By default it is set to Local, but if you want the external authentication provider to be the default, check this box.
- The searchbase needs to be customized to match your authentication server setup. If our AD domain name is ad.example.com, then the searchbase will look like this: DC=ad,DC=example,DC=com
- The hostname also needs to be changed to match your authentication settings. This will be the IP address or hostname of the actual AD server.
- The userquery value samAccountName=$1 shouldn't need to be changed for the majority of installations. Keep this value the way it is and change it only if you are advised to by a MindTouch Support representative.
- The bindingdn needs to be changed to match your configuration. In the example of ad.example.com for the AD server, the bindingdn value will be $1@ad.example.com
Once you've configured these settings, click Add Authentication Service. The Authentication Service will be added to your MindTouch install and listed on the Authentication list.
Now when your users go to the login page, they will be able to select this authentication provider, log in with their Active Directory username and password, and be logged into MindTouch.
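The searchbase, userquery and bindingdn values above can be sanity-checked against your AD domain name before you save them. The following is an added example, not MindTouch code: it derives the searchbase from the domain, checks the three values for consistency, and shows what the bind identity and search filter look like for a given login name. It assumes that $1 stands for the username typed at login; the function names are hypothetical, and the RFC 4515 filter escaping shows what a correctly formed filter looks like rather than describing MindTouch's internal behaviour.

```python
import re

# RFC 4515 escapes for characters that are special inside an LDAP search filter.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def searchbase_from_domain(domain):
    """Turn an AD DNS domain name into a DN: ad.example.com -> DC=ad,DC=example,DC=com."""
    labels = domain.strip(".").split(".")
    if not all(re.fullmatch(r"[A-Za-z0-9-]+", label) for label in labels):
        raise ValueError(f"not a DNS domain name: {domain!r}")
    return ",".join(f"DC={label}" for label in labels)


def escape_filter_value(value):
    """Escape a value so it is treated as literal text inside a search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def expand(template, login, escape=False):
    """Substitute the login name for $1 (assumed placeholder semantics)."""
    if "$1" not in template:
        raise ValueError(f"template has no $1 placeholder: {template!r}")
    return template.replace("$1", escape_filter_value(login) if escape else login)


def check_settings(domain, searchbase, userquery, bindingdn):
    """Return a list of inconsistencies between the configured values."""
    problems = []
    base = re.sub(r"\s*,\s*", ",", searchbase.strip()).lower()
    if not base.endswith(searchbase_from_domain(domain).lower()):
        problems.append("searchbase is not under the AD domain")
    if "$1" not in userquery:
        problems.append("userquery has no $1 placeholder")
    if bindingdn.lower() != "$1@" + domain.lower():
        problems.append("bindingdn is not of the form $1@<domain>")
    return problems


if __name__ == "__main__":
    domain = "ad.example.com"
    base = searchbase_from_domain(domain)
    print(base, check_settings(domain, base, "samAccountName=$1", "$1@ad.example.com"))
    # Constructed login names: one ordinary, one containing filter metacharacters.
    for login in ("jsmith", "j*smith(x)"):
        print(expand("$1@ad.example.com", login), "|", expand("samAccountName=$1", login, escape=True))
```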
Advanced Configuration
For advanced configuration of MindTouch review the following resources: