Configure Mobile Center for LDAP

You can integrate LDAP with Mobile Center. This enables individuals in organizations that use LDAP for managing user credentials and permissions, to access Mobile Center with their LDAP credentials, without the need for the administrator to first add them to the list of authorized users.

Enable LDAP on the Mobile Center server

In the Mobile Center Lab console, in the ADMINISTRATION menu, select the SETTINGS tab and in the left panel, click LDAP Integration. Enable and configure the LDAP settings. For details, see settings.

Important: If you are upgrading Mobile Center from a version of earlier than 2.20, you must change the admin@default.com user's password before configuring the LDAP settings. After logging in as the admin@default.com, hover on the user name in the masthead and select Change password.

When you change the Enable/Disable settings, you must restart the Mobile Center server for them to take effect.

Once you enable LDAP integration:

  • You will not be able to add, delete, or change a user's password from the Users page.
  • Users that do not belong to the LDAP database will not be able to log into Mobile Center, with the exception of the admin@default.com user.
  • Before an administrator can assign an LDAP user to a group, the user needs to perform an initial login to Mobile Center.
  • When you enable or disable LDAP, all non-LDAP users, excluding admin@default.com, will be deleted. To retain your existing users, export them prior to enabling or disabling LDAP.
  • If you switch LDAP servers, you must disable and re-enable LDAP in the Administration Settings. Otherwise, the users from the original server will still appear in the Mobile Center user list.

Back to top

Use secure LDAP on the Mobile Center server

To use Mobile Center with secure LDAP (SSL), you will need your LDAP certificate.

  1. Copy the certificate to the Mobile Center server machine.
  2. Import the LDAP certificate to the truststore on the server machine. The following is a sample keytool command for importing the certificate file:

    keytool -import -trustcacerts -keystore "C:\Program Files\Mobile Center Server\server\Security\keystore\trustStoreHpmc" -storepass password -alias myCA -file c:\hpldapsec.der

  3. Upload the certificate to your machine by running the uploadCertificates.bat/sh script from the /Security folder.
  4. Restart the Mobile Center server.
  5. In the Mobile Center Lab Management console, select Administration Settings in the Administration tab, and scroll down to the LDAP Integration section. Enable the SSL Mode setting.
  6. Restart the Mobile Center server.

Back to top

Check the LDAP configuration and obtain a certificate

You can verify the LDAP configuration and obtain your LDAP certificate by using a third-party LDAP browser tool, such as JXplorer.

  1. Download JXplorer.
  2. In JXplorer, select File > Connect. Enter the details for LDAP host, port, security level for connection, User DN, and password. Click OK.

  3. Add the certificate to your trusted keystore.
  4. Select Security > Trusted Servers and CAs. Select the certificate and click View Certificate. Click Copy to File.

    If you encounter errors, there is either a problem with the parameters that you provided for the connection, or with the LDAP configuration itself.

Back to top

See also: