Contact Us 1-800-596-4880
  1. Homepage
  2. Mule Management Console (3.7)
  3. Upgrading the Management Console

  4. Upgrading to MMC with LDAP

Upgrading to MMC with LDAP

If you are upgrading to the latest version of MMC, and your current MMC installation is configured to manage users via LDAP, you will need to migrate your existing LDAP configuration to your new MMC installation.

Migrating LDAP Configuration

MMC stores its LDAP configuration settings in the file <MMC_HOME>/WEB-INF/classes/mmc-ldap.properties. This file contains the information necessary to connect to an LDAP server and to search for users on that server.

To migrate your LDAP configuration, follow these steps:

  1. Expand the new MMC .war file (for example, by copying it to the webapps directory of your Tomcat installation), but do not run the new MMC.

  2. From your old MMC installation, copy the file <OLD_MMC_HOME>/WEB-INF/classes/mmc-ldap.properties to <NEW_MMC_HOME>/WEB-INF/classes/META-INF. For example, if your new installation resides at /var/lib/tomcat6/mmc-console, copy the file to /var/lib/tomcat6/mmc-console-/WEB-INF/classes/META-INF.

    If your old MMC installation is configured for LDAP, but does not contain the mmc-ldap.properties file, then you have LDAP configured via the ldap.xml file (this should not be the case, as this XML file should not be edited). In this case, see the Troubleshooting section below for details on how to proceed.

  3. In your new MMC installation, open the file <MMC_HOME>/WEB-INF/web.xml, and locate the following section:

    <param-name>spring.profiles.active</param-name>
<param-value>tracking-h2</param-value>

  4. Modify the second line to read:

    <param-value>tracking-h2,ldap</param-value>

  5. Save and close the file.

You have now migrated your LDAP configuration, and may start your new MMC.

Troubleshooting

All LDAP configuration should reside in the mmc-ldap.properties file, but you may find that this file does not exist in your installation, even though MMC is configured to use LDAP. In this case, the LDAP settings reside in the file <MMC_HOME>/WEB-INF/classes/META-INF/ldap.xml.

To migrate your LDAP settings, perform the following steps:

  1. In your old MMC installation, open the file <OLD_MMC_HOME>/WEB-INF/classes/META-INF/ldap.xml.

  2. In ldap.xml, locate the bean propertiesLDAP. Within this bean, locate the following section:

    <property name="properties">
            <props>
                <prop key="providerURL">ldap://192.168.1.14:389/</prop>
                <prop key="userDn">cn=mmc,dc=company,dc=com</prop>
                <prop key="password">mmcadmin</prop>
                <prop key="userSearchBaseContext">ou=ou=people,dc=company,dc=com</prop>
                <prop key="userSearchFilterExpression">(uid={0})</prop>
                <prop key="userSearchBase">ou=people,dc=company,dc=com</prop>
                <prop key="userSearchAttributeKey">objectclass</prop>
                <prop key="userSearchAttributeValue">person</prop>
                <prop key="roleDn">ou=groups,dc=company,dc=com</prop>
                <prop key="groupSearchFilter">(member={0})</prop>
                <prop key="usernameAttribute">uid</prop><!-- Set to 'SAMAccountName' for ActiveDirectory integration. -->
            </props>
        </property>

    As you can see, this section contains the settings for connecting to and searching within the LDAP server.

  3. If desired, copy the settings listed in the previous step to a convenient location such as a new text file, since you will adapt these settings to a new config file in the next steps.

  4. In your new MMC installation, locate the file <MMC_HOME>/WEB-INF/classes/META-INF/mmc-ldap.properties, then open it for editing.

  5. The mmc-ldap.properties file contains all required settings with default values. Replace the default values with the values of your installation. (You can see the default mmc-ldap.properties file that ships with MMC in the expandable section below.)

    Default mmc-ldap.properties file:

    ################ LDAP CONNECTION ########################
#change providerURL, cn, ou and dc to match your ldap tree.
#Configure the MMC user/password to use for MMC to authenticate users on login
providerURL=ldap://localhost:389
userDn=cn=mmc,ou=people,dc=mycompany,dc=com
#If you want to encrypt your password, set the value to ENC("encodedPassword").
#For encoding your password open a console and cd into the MMC install directory, cd encrypt folder
#and issue the command ./encrypt.sh input="mmc123" password=DEFAULTPASS
#where password refers to the encryption key to use and input is the value you want to encrypt.
#DEFAULTPASS is the default value set by MMC, refer to MMC docs at www.mulesoft.com for information on how
#to change that configuration value.
#password=ENC("HZe9CewttfG/PlAJSL8+KA==")
password=mmc123



################### MMC AUTHENTICATION ##################
#base context to search for users within the LDAP tree (search subtree is in true)
userSearchBaseContext=ou=people,dc=mycompany,dc=com

#A filter expression used to find entries in the LDAP database that match a particular user.
#For example, (uid={0}) looks for an entry whose uid attribute matches the user name as it was
#supplied to the console in the Username field at login
userSearchFilterExpression=(uid={0})


############### USER LISTING #############################
#The base context in the LDAP database in which the console will search for users to list in the admin pages.
#change ou and dc to match your ldap tree.
userSearchBase=ou=people,dc=mycompany,dc=com

#key-value will determine how to search for users. In the default scenario, will look for objectclass=person
#The attribute used to search for users on the LDAP server
userSearchAttributeKey=objectclass

#This is the value of the attribute used to search for users on the LDAP server.
userSearchAttributeValue=person


######### GROUP DEFINITIONS #######################
#The DN of the context used to search for groups to which the user belongs
#change ou and dc to match your ldap tree.
roleDn=ou=groups,dc=mycompany,dc=com
#groupSearchFilter=(memberUid={1})
groupSearchFilter=(member={0})
usernameAttribute=uid

  6. Save the file mmc-ldap.properties.

  7. In your new MMC installation, open the file <MMC_HOME>/WEB-INF/web.xml, and locate the following section:

    <param-name>spring.profiles.active</param-name>
<param-value>tracking-h2</param-value>

  8. Modify the second line to read:

    <param-value>tracking-h2,ldap</param-value>

  9. Save and close the file.

You have now migrated your LDAP configuration, and may start the new MMC.

See Also