How To: HVRVALIDPW for LDAP users

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #21902
    ctijerina
    Keymaster
    Abstract:
    This article provides the procedural steps to integrate LDAP and HVR Software to limit HVR Functions by hvr user.
    
    Applies to: 
    The steps in this document applies to  HVR on your HUB Server and for all HVR versions on any platform (Windows or Linux/UNIX) platforms. 
    
    Scenario:
    You have multiple sites managing your HVR Replication.   You may have a need to limit one groups access to HVR.  Limiting a group will allow you to control what groups have the ability to perform certain hvr functions that can manipulate your databases.  
    
    Prerequisites:
    1.      HVR GUI on your HUB
    2.    PIP is installed
    3.      Python 2.7 - 2.7.12
    4.      Ldap3 module via pip on your HUB
    
    
    Overview:
    ·        Install python 2.7 thru 2.7.12 where your HVR GUI will reside
    ·        Set your PATHS to PYTHON
    ·        Install Python module LDAP3
    ·        Modify HVR relevant files
    
    Permissions/Access Level - Limiting HVR user by AccessLevel:
    
    
    
    
    
    
    

    Steps:

    The following are detailed steps to activate HVRVALIDPW for your LDAP services.

    A. Make sure python 2.7 – 2.7.12 is installed on your hub machine

    • PS C:/hvr/hvr_home/bin> python –version
    • Same command for Linux

    B. Set your PATH to your Python directory on your hub machine

    • PS C:/hvr/hvr_home/bin> set PATH=%PATH%;C:Python27
    • Same command for Linux, but replace %PATH% with $PATH and proper path to Python27 directory

    C. Make sure pythonldap3 library is installed on your hub machine (pip must be installed)

    NOTE: pip module must be installed shell>yum pip

    • Windows: PS C:/hvr/hvr_homebin> pip install ldap3 
    • Linux: shell/hvr/hvr_home/bin > python -m pip install python-ldap3
    • OR Linux: shell/hvr/hvr_home/bin > pip install python-ldap3

    D. Open HVR_HOME/lib/<access_rights.conf_example>

    NOTE: Make backup files for original files that need to be renamed.

    1. This file will have user to access level mapping example for you to modify by user
    2. Set your ldap user1 as a ReadOnly user – in example user is satestro
    3. Set your ldap user2 as a ReadExec user – in example user is satestrexec
    4. Set your ldap user3 as a ReadWrite(super) user – not in example
    5. Most importantly save This file as access_rights.conf

    Access_rights.conf  (After edits – working example)

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    E. Two files to perform actions on.

    1. Create a copy of hvrvalidpwldap file (not the conf example)
      1. copy hvrvalidpwldap to hvrvalidpw
    2. HVR_HOME/lib/hvrvalidpwldap.conf_example
      1. copy hvrvalidpwldap.conf_example to hvrvalidpwldap.conf
      2. and edit adding your LDAP_Server value.  Example below.
    • In hvrvalidpwldap.conf enter your LDAP server on the line <LDAP_Server=>  (my example below is using localhost)

     

     

     

     

    F. Start your hvrListener with the -A option

    • Make sure HVR remote listener is started with -A option

    WINDOWS:    PS C:/hvr/hvr_home/bin> .hvrremotelistener.exe -A -acs 4343

    LINUX:           shell/hvr/hvr_home/bin> ./hvrremotlistener.exe –A 4343

     

    G. Connecting to your HVR HUB using your LDAP user

    • Register HUB using your LDAP user
    • satestro is my LDAP user in this example

     

     

     

     

     

     

     

     

     

     

     

     

    H. Verify you are connected by viewing your HVR GUI

     

     

     

     

     

     

     

     

     

     

     

Viewing 1 post (of 1 total)
  • The forum ‘How to’ is closed to new topics and replies.

© 2020 HVR

Test drive Contact us