For Linux only, a manual build of curl to query the Active Directory server

The component uses curl to query the Active Directory server. For Windows, a version of the curl binary is shipped with the component.

Check whether curl is installed on your Linux machine and whether it supports LDAP (ldap must appear in the Protocols list). If your system does not have a version of curl that supports LDAP, follow the directions below to build curl.

Code Block
curl --version

Code Block
OUTPUT:
curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.8 OpenLDAP/2.4.57
Release-Date: 2024-01-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HSTS HTTPS-proxy IPv6 Largefile NTLM SSL threadsafe TLS-SRP UnixSockets

These steps show how to build curl from source on Amazon Intel Linux. For other flavours of Linux, adjust the commands accordingly (some common alternatives are included after the steps).

Step 1: Get the latest curl download from the curl website download page.

Code Block
wget https://curl.se/download/curl-8.11.0.tar.gz

Step 2: Use tar to extract the files.

Code Block
tar -xzf curl-8.11.0.tar.gz

Step 3: cd into the curl folder.

Code Block
cd curl-8.11.0/

Step 4: Install gcc if needed.

Code Block
sudo yum install gcc

Step 5: Install openldap-devel.x86_64 if needed.

Code Block
sudo yum install openldap-devel-2.4.57-6.amzn2023.0.6.x86_64

Step 6: Install openssl-devel.x86_64 if needed.

Code Block
sudo yum install openssl-devel.x86_64

Step 7: Run the command to configure and enable ldap.

Code Block
./configure --enable-ldap --with-openssl --without-libpsl

Step 8: Compile the source code.

Code Block
make

Step 9: Install the compiled curl.

Code Block
sudo make install

Step 10: Check curl version and make sure LDAP is present in the Protocols list.

Code Block
curl --version

Code Block
OUTPUT:
curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.8 OpenLDAP/2.4.57
Release-Date: 2024-01-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HSTS HTTPS-proxy IPv6 Largefile NTLM SSL threadsafe TLS-SRP UnixSockets

Install commands will vary on ARM Amazon Linux etc., for example:

Step 4: Install gcc if needed.

  • Ubuntu ARM (and Intel) Linux: sudo apt install gcc

  • Red Hat and Fedora ARM and Intel: sudo dnf install gcc

Step 5: Install openldap if needed.

  • Amazon ARM Linux: sudo yum install openldap-devel

  • Ubuntu ARM and Intel: sudo apt install libldap2-dev

  • Red Hat and Fedora ARM and Intel: sudo dnf install openldap-devel

Step 6: Install openssl if needed.

  • Amazon ARM Linux: sudo yum install openssl-devel

  • Ubuntu ARM and Intel: sudo apt install libssl-dev

  • Red Hat and Fedora ARM and Intel: sudo dnf install openssl-devel
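
The Step 10 check as a script (an added example, not part of the original page or the vendor's tooling): it reads the Protocols line of `curl --version` and reports LDAP support for every curl on PATH, because a source build and the distribution's curl can coexist. The function names are assumptions, and the second sample is constructed.

```shell
#!/bin/sh
# Abridged from the `curl --version` output shown on this page.
SAMPLE_PAGE='curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.8 OpenLDAP/2.4.57
Protocols: dict file ftp ftps http https ldap ldaps smtp smtps
Features: HTTPS-proxy IPv6 NTLM SSL'

# Constructed sample: a curl built without LDAP support.
SAMPLE_NO_LDAP='curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.8
Protocols: dict file ftp ftps http https smtp smtps
Features: HTTPS-proxy IPv6 SSL'

# has_protocol VERSION_TEXT NAME
# Succeeds only when NAME is a whole word on the "Protocols:" line, so a
# build listing only "ldaps" does not pass a check for "ldap".
has_protocol() {
    printf '%s\n' "$1" | awk -v want="$2" '
        $1 == "Protocols:" { for (i = 2; i <= NF; i++) if ($i == want) found = 1 }
        END { exit(found ? 0 : 1) }'
}

# ldap_status VERSION_TEXT
# Prints ldap+ldaps, ldap-only, ldaps-only or none.
ldap_status() (
    plain=0; tls=0
    if has_protocol "$1" ldap;  then plain=1; fi
    if has_protocol "$1" ldaps; then tls=1; fi
    case "$plain$tls" in
        11) echo "ldap+ldaps" ;;
        10) echo "ldap-only" ;;
        01) echo "ldaps-only" ;;
        *)  echo "none" ;;
    esac
)

# check_all_curls
# Lists every curl executable on PATH in lookup order; the first line is the
# binary a bare `curl` runs. A source build installs under /usr/local by default.
check_all_curls() (
    IFS=:
    for dir in $PATH; do
        [ -n "$dir" ] && [ -x "$dir/curl" ] || continue
        printf '%s/curl: %s\n' "$dir" "$(ldap_status "$("$dir/curl" --version 2>/dev/null)")"
    done
)

echo "sample from this page: $(ldap_status "$SAMPLE_PAGE")"
check_all_curls
```

A result without ldaps means that curl cannot make ldaps:// connections, the TLS-protected form of the query. If the first curl listed reports none while a later one reports ldap+ldaps, PATH order is the thing to fix.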

STEP 7: Done! Log out and use your Active Directory credentials to log in to Iguana

Users can now log in to Iguana using their Active Directory credentials!

The component starts automatically and runs whenever a user logs in to Iguana. The Iguana Service account tries to authenticate the user's credentials against Active Directory. When logging in, you must use your Active Directory User Principal Name (UPN) as the username, along with your password. A UPN uses the standard format: username@domain_name.

When logged in as an externally authenticated user, you’ll see that any roles matching Active Directory groups are applied.
