LDAP authentication for Yellowfin on SQLserver

We have used C# to do that, but not SQL Server. In the end you have to
connect to SQL Server using either the SQL login or a domain\username
account. If you will be connecting manually you can login as a
particular domain\user that has been given access to the SQL Server, or
have a nightly process impersonate a domain\user account. Anything
outside of that will probably be a custom program written (.NET, C++,
Java, etc.) to query the LDAP server manually.

Hi Duncan,

Yellowfin requires a bit of backend work to get LDAP or Active Directory for
authentication, but I have just implemented it in my organisation.

Firstly you have to stop the Yellowfin application. This is done via the
services console in Administration Tools.

Once stoppped you will have to edit the
\appserver\webapps\ROOT\WEB-INF\web.xml file. You will have to change
"com.hof.adapter.JDBCAuthentication" to
"com.hof.adapter.LDAPAuthentication", which is under the
"com.hof.interfaces.Authentication" parameter name.

The rest of the LDAP configuration is determined by values in the
Configuration database table.
The parameters will already exist in the database, you will just have to
enter values for your particular LDAP server specifics. You will have to
specify the following information:

LDAPHOST: This is the LDAP server IP address or hostname.
LDAPPORT: This is the LDAP TCP/IP Port
LDAPBASEDN: This is the LDAP Base DN, underwhich all yellowfin users and
groups will exist.
LDAPGROUP: This is the LDAP Group (Enter as DN). Only LDAP users that a
members of this group will be allowed to login.
LDAPBINDUSER: This is an administrative user login to the LDAP directory. So
yellowfin can perform searches. (Enter as DN)
LDAPBINDPASSWORD: This is the password for the above user.
LDAPSEARCHATTRIBUTE: This is the attribute that your users will enter in to
the username box for authentication.
LDAPFIRSTNAMEATTRIBUTE: Firstname LDAP attribute, so Yellowfin knows the
users name.
LDAPSURNAMEATTRIBUTE: Surname attribute of user, so Yellowfin knows the
users name.
LDAPEMAILATTRIBUTE: Email attribute of user in LDAP, so Yellowfin can direct
broadcast emails to users.
LDAPFALLBACK: This should be set to TRUE. This will allow you to log in and
administer users if the LDAP is unavailable.

Once you have entered this into the database, restart Yellowfin. You should
then be able to login into Yellowfin using LDAP users who are members of
LDAPGROUP.

I did see some documentation on this somewhere, check
http://yellowfin.com.au
Hope this helps.

Peter Gibson.


"duncan beaumont" <du*************@yahoo.ca> wrote in message
news:11**********************@t31g2000cwb.googlegr oups.com...

Hi,

- SQLserver 2000
- Yellowfin 2.4
- Windows 2003 server

I have been asked to investigate seting up LDAP authentication to
access our
Yellowfin reporting.

If anyone has experience in setting this up? Your help would be
appreciated.
Tips and tricks .. ??

Thanks

Duncan Beaumont