- July 30, 2019 at 11:58 am #21902ctijerinaKeymaster
Abstract: This article provides the procedural steps to integrate LDAP and HVR Software to limit HVR Functions by hvr user. Applies to: The steps in this document applies to HVR on your HUB Server and for all HVR versions on any platform (Windows or Linux/UNIX) platforms. Scenario: You have multiple sites managing your HVR Replication. You may have a need to limit one groups access to HVR. Limiting a group will allow you to control what groups have the ability to perform certain hvr functions that can manipulate your databases. Prerequisites: 1. HVR GUI on your HUB 2. PIP is installed 3. Python 2.7 - 2.7.12 4. Ldap3 module via pip on your HUB Overview: · Install python 2.7 thru 2.7.12 where your HVR GUI will reside · Set your PATHS to PYTHON · Install Python module LDAP3 · Modify HVR relevant files Permissions/Access Level - Limiting HVR user by AccessLevel:
The following are detailed steps to activate HVRVALIDPW for your LDAP services.
A. Make sure python 2.7 – 2.7.12 is installed on your hub machine
- PS C:/hvr/hvr_home/bin> python –version
- Same command for Linux
B. Set your PATH to your Python directory on your hub machine
- PS C:/hvr/hvr_home/bin> set PATH=%PATH%;C:Python27
- Same command for Linux, but replace %PATH% with $PATH and proper path to Python27 directory
C. Make sure pythonldap3 library is installed on your hub machine (pip must be installed)
NOTE: pip module must be installed shell>yum pip
- Windows: PS C:/hvr/hvr_homebin> pip install ldap3
- Linux: shell/hvr/hvr_home/bin > python -m pip install python-ldap3
- OR Linux: shell/hvr/hvr_home/bin > pip install python-ldap3
D. Open HVR_HOME/lib/<access_rights.conf_example>
NOTE: Make backup files for original files that need to be renamed.
- This file will have user to access level mapping example for you to modify by user
- Set your ldap user1 as a ReadOnly user – in example user is satestro
- Set your ldap user2 as a ReadExec user – in example user is satestrexec
- Set your ldap user3 as a ReadWrite(super) user – not in example
- Most importantly save This file as access_rights.conf
Access_rights.conf (After edits – working example)
E. Two files to perform actions on.
- Create a copy of hvrvalidpwldap file (not the conf example)
- copy hvrvalidpwldap to hvrvalidpw
- copy hvrvalidpwldap.conf_example to hvrvalidpwldap.conf
- and edit adding your LDAP_Server value. Example below.
- In hvrvalidpwldap.conf enter your LDAP server on the line <LDAP_Server=> (my example below is using localhost)
F. Start your hvrListener with the -A option
- Make sure HVR remote listener is started with -A option
WINDOWS: PS C:/hvr/hvr_home/bin> .hvrremotelistener.exe -A -acs 4343
LINUX: shell/hvr/hvr_home/bin> ./hvrremotlistener.exe –A 4343
G. Connecting to your HVR HUB using your LDAP user
- Register HUB using your LDAP user
- satestro is my LDAP user in this example
H. Verify you are connected by viewing your HVR GUI
- The forum ‘How to’ is closed to new topics and replies.