How to integrate your on-premises LDAP environment in Vizito (for Linux)

Step 1: NodeJS

Use your favorite package manager to install NodeJS.

Step 2: LDAP client

Download and extract our LDAP client to a directory of your choice.

Step 3: Config

Edit config.json to match your environment.

Here you can find the configuration values and a description of what information you need to enter:

JSON property | Mandatory | Description
ldap_url | Yes | The internal URL / IP of your LDAP server. Example: ldap://ldap.forumsys.com
ldap_bind_credentials.user_cn | Yes | The user CN that is used for the LDAP bind. Usually a dedicated technical user with read-only rights is created for this.
ldap_bind_credentials.password | Yes | The password for the LDAP bind user.
search_scope | Yes | This configures the search depth: base - searches only the search_base level; one - searches only the immediate subordinates of the base object, but does not include the base object itself; sub - searches the search_base level and all of its subtrees.
search_base | Yes | The search base used for looking up CN entries. This should be the top level of your LDAP domain where you want to look for entries.
mobile_prefix | No | If your LDAP directory contains local or internal mobile phone numbers (without country code), you can add a prefix containing the country code. The first character of the local or internal mobile phone number will be replaced with this prefix.
ldap_filter | No | If you want to filter the LDAP search results, you can do so using an LDAP filter. Only matching records are returned. Examples of such a filter: only persons belonging to a specific group, only persons having a mobile phone number configured, and so on. An example of a filter: (&(memberof=OU=VizitoGroup,OU=Applications,OU=Groups,DC=company,DC=com))
api_port | Yes | Default value: 48800. This configures the port on which the node application will listen for HTTP(S) requests.
use_ssl_for_api | Yes | Default value: false. If set to true, it will use the ssl.ca, ssl.key and ssl.cert configuration items to load a private key / public key pair for enabling TLS communication. Read up here on creating your own self-signed certificates using a custom root CA.
authentication.enabled | Yes | Indicates if basic authentication is needed to make a request to this server.
authentication.username | No | The username that is configured for basic authentication.
authentication.password | No | The password that is configured for basic authentication.
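
The settings above decide who can read the directory data the client exposes on api_port. The following check is an added example, not part of the Vizito client: it audits a parsed config.json for the combinations that leave the bind password or the user list unprotected. It assumes the dotted property names map to nested JSON objects and that the client accepts an ldaps:// URL; the sample values are constructed.

```javascript
// Added example: flag config.json settings that leave the client's HTTP API or
// the LDAP bind exposed. Assumption: dotted property names in the table
// (authentication.enabled, ssl.key, ...) are nested JSON objects.
function auditConfig(cfg) {
  const findings = [];
  const auth = cfg.authentication || {};
  const ssl = cfg.ssl || {};
  const tls = cfg.use_ssl_for_api === true;
  if (!/^ldaps:\/\//i.test(String(cfg.ldap_url || ''))) {
    findings.push('ldap_url: not ldaps://, so the bind password is only protected if StartTLS is used');
  }
  if (!['base', 'one', 'sub'].includes(cfg.search_scope)) {
    findings.push('search_scope: must be base, one or sub');
  }
  if (!cfg.ldap_filter) {
    findings.push('ldap_filter: unset, so the search is not narrowed to the entries visitors need');
  }
  if (tls) {
    for (const k of ['ca', 'key', 'cert']) {
      if (!ssl[k]) findings.push(`ssl.${k}: required when use_ssl_for_api is true`);
    }
  } else {
    findings.push('use_ssl_for_api: false, so user data is served over plain HTTP');
  }
  if (auth.enabled !== true) {
    findings.push('authentication.enabled: off, so anyone who can reach api_port can read the user list');
  } else if (!auth.username || !auth.password) {
    findings.push('authentication: enabled but username or password is empty');
  } else if (!tls) {
    findings.push('authentication: basic auth over plain HTTP sends the password base64-encoded, not encrypted');
  }
  return findings;
}

// Constructed sample mirroring the documented defaults (not a real deployment).
const sampleConfig = {
  ldap_url: 'ldap://ldap.forumsys.com',
  ldap_bind_credentials: { user_cn: 'cn=vizito-ro,dc=example,dc=com', password: 'placeholder' },
  search_scope: 'sub', search_base: 'dc=example,dc=com',
  api_port: 48800, use_ssl_for_api: false,
  authentication: { enabled: false },
};
// Constructed hardened variant; the ssl.* values are assumed to be file paths.
const hardenedConfig = {
  ...sampleConfig, ldap_url: 'ldaps://ldap.example.com', ldap_filter: '(mobile=*)',
  use_ssl_for_api: true, ssl: { ca: '/etc/vizito/ca.pem', key: '/etc/vizito/key.pem', cert: '/etc/vizito/cert.pem' },
  authentication: { enabled: true, username: 'tablet', password: 'placeholder' },
};
for (const f of auditConfig(sampleConfig)) console.log('WARN ' + f);
```

Run it against your own parsed config.json before starting server.js; an empty result means none of these findings apply.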

Step 4: Run

Run the following command:
node /path/to/ldapclient/server.js
If everything works as intended, you should see "Server is listening".
You can now test the LDAP HTTP server by pointing your browser to http://ip_or_hostname_of_machine_running_ldap_client:48800 (change the port if you changed it in the config file).
If you're running a firewall, make sure it allows access to the port you configured (default 48800).
If your browser shows a JSON object representing the users you want to expose, then everything works!

Step 5: Configure the backoffice to make the tablet connect to the client

Navigate to https://backoffice.vizito.be and under Settings, configure the Host datasource as 'Managed externally' and fill in the Integration URL.

An example: http://192.168.1.100:48800.

Now the tablet will look up the information from the installed client.

Step 6: Use PM2 to daemonize the node process

Please refer to https://github.com/Unitech/pm2 for instructions on how to install and use PM2.

on 10/29/2015 by Steven Gilissen