Below is an overview of how to setup LDAP authentication
for the HelpDesk application.
(This assumes your Helpdesk application is up and
functional)
From The
server:
- Double click the “HelpDeskPatcher” icon from the
desktop … or you can use explorer to c:\Program Files\LanWorks\Helpdesk\HelpDeskPatcher.exe
- Confirm “OK” at the application name (probably
“Helpdesk”)
- Click “Change Basic Configuration”
- Enter the path to your LDAP server as LDAP://123.123.123.123
- For now (1st pass) leave “Bypass LDAP
authentication” as true … this is so we can login and change the settings.
- Click OK past the other questions
- Exit the patcher program
From the
browser on the Helpdesk server:
- Launch a browser window (Internet Explorer)
- Enter the path to your helpdesk application (example
http://MyServer/helpdesk)
- Check the box “By pass LDAP: and login as Admin
- Optional if you do not see the menu options:
you may have to add this site as a trusted site to see the menu ..
Tools->Internet Options->Security Tab->Trusted Sites->Sites->Uncheck Require
Server Verification Https and click Add. OK out and close the options
window and click refresh)
- From the menu select Configurator->Menu Editor-> find
the 3 LDAP menu items (2nd page) and check for Admin to see and
click save
- Click refresh on your browser and you should see a
menu menu group called “LDAP”
- Click LDAP group->System parameters and set the 6 LDAP
parameters per the following example:
|
Item |
Value |
|
LDAP Exclusions |
OU=XPWorkstations|OU=VM Terminal Servers|OU=VMWARE MACHINES
|
|
LDAP Password |
Mypassword |
|
LDAP Path |
* |
|
LDAP Type |
ADS |
|
LDAP User |
MyDomain\myADSid |
|
LDAP User Key |
cn= |
- Click menu item “Manually sync LDAP”
- Click “Full Sync” … make note and fix any issues as
listed above “LDAP Sync” (it reads from the top down)
After testing and the initial sync is done. From The server:
- Double click the “HelpDeskPatcher” icon from the
desktop … or you can use explorer to c:\Program
Files\LanWorks\Helpdesk\HelpDeskPatcher.exe
- Confirm “OK” at the application name (probably
“Helpdesk”)
- Click “Change Basic Configuration”
- Confirm the path to your LDAP server as
LDAP://123.123.123.123
- Change “Bypass LDAP
authentication” to blank … else users can login without a password)
- Click OK past the other questions
- Exit the patcher program
To schedule as job (From The server):
- Create a new Task Schedule
- Point to Iexplore
-
C:\PROGRA~1\INTERN~1\iexplore.exehttp://*ServerName*/*HelpDeskPath*/LDAP/Syncer.aspx?SYNC=YES&Type=1
- If you have other databases:
-
C:\PROGRA~1\INTERN~1\iexplore.exehttp://*ServerName*/*HelpDeskPath*/LDAP/Syncer.aspx?SYNC=YES&Type=2
-
C:\PROGRA~1\INTERN~1\iexplore.exehttp://*ServerName*/*HelpDeskPath*/LDAP/Syncer.aspx?SYNC=YES&Type=3
-
C:\PROGRA~1\INTERN~1\iexplore.exehttp://*ServerName*/*HelpDeskPath*/LDAP/Syncer.aspx?SYNC=YES&Type=4
-
C:\PROGRA~1\INTERN~1\iexplore.exehttp://*ServerName*/*HelpDeskPath*/LDAP/Syncer.aspx?SYNC=YES&Type=5
To test LDAP:
- Download an LDAP browser. This is the one that I
use: Softerra LDAP Browser 2.5.3
- Make sure to provide the user authentication (may be
called User DN)
- Install it and test it from the server
- Then install it and test it from a workstation
ADS Anonymous Browsing
of the LDAP :