Configuring LDAP authentication

You can enroll devices in MDM with pre-designated, fixed account names and passwords, or you can use your existing LDAP database (Active Directory, eDirectory, Open Directory) as the source of enrollment credentials. To set this up, you will edit a configuration file on your FileWave server. This can be done at any time during your server setup, as long as it is complete before you begin enrolling MDM clients.
This process consists of:

    1. Backing up the current config file;
    2. Editing a new config file to properly read the LDAP structure; and,
    3. Restarting the Apache Process so it reads the new config file.

Getting the files ready

sudo -s
cd /usr/local/filewave/apache/conf/
cp mdm_auth.conf mdm_auth.conf.bac
cp mdm_auth.conf.example_ldap_auth mdm_auth.conf

You can also use the Finder to locate the file, then drag a copy to your Desktop and edit it with a text editor, such as TextWrangler.

When done, you will delete the copy in the .../conf/ folder and replace it with your edited copy.
Note: Active Directory (AD) by default requires you to bind to the directory before you can read from it. Many people create a read-only directory account for this purpose.

/usr/local/filewave/apache/bin/apachectl graceful

Now, when a user attempts to enroll a device in your MDM server, they will authenticate with their LDAP credentials.
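
The three steps above can be wrapped so that a bad edit never reaches a restart. The script below is an added example, not FileWave's own tooling: it refuses to overwrite an existing backup, warns if the file that may hold the bind account's password is readable by all local users, and restores the backup if the syntax check fails. It assumes FileWave's bundled apachectl accepts the standard Apache `configtest` subcommand; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not FileWave's own tooling). Paths default to the ones on this page.
CONF_DIR="${CONF_DIR:-/usr/local/filewave/apache/conf}"
APACHECTL="${APACHECTL:-/usr/local/filewave/apache/bin/apachectl}"

# Steps 1-2: back up the live file, then start from the LDAP example.
stage_ldap_conf() {
    dir="$1"
    [ -f "$dir/mdm_auth.conf.example_ldap_auth" ] || {
        echo "LDAP example file not found in $dir" >&2; return 1; }
    # Never clobber an earlier backup: it may be the only known-good copy.
    [ ! -e "$dir/mdm_auth.conf.bac" ] || {
        echo "mdm_auth.conf.bac already exists; not overwriting" >&2; return 1; }
    cp -p "$dir/mdm_auth.conf" "$dir/mdm_auth.conf.bac" || return 1
    cp "$dir/mdm_auth.conf.example_ldap_auth" "$dir/mdm_auth.conf" || return 1
    # Assumption: the bind account's password will be typed into this file.
    if [ -n "$(find "$dir/mdm_auth.conf" -perm -004)" ]; then
        echo "warning: mdm_auth.conf is readable by all local users" >&2
    fi
}

# Step 3: syntax-check first; on failure restore the backup and do not restart.
apply_or_rollback() {
    dir="$1"; ctl="$2"
    if "$ctl" configtest; then
        "$ctl" graceful
    else
        cp -p "$dir/mdm_auth.conf.bac" "$dir/mdm_auth.conf"
        echo "configtest failed; previous mdm_auth.conf restored" >&2
        return 1
    fi
}

# Usage: <script> stage   (edit mdm_auth.conf)   <script> apply
case "${1:-}" in
    stage) stage_ldap_conf "$CONF_DIR" ;;
    apply) apply_or_rollback "$CONF_DIR" "$APACHECTL" ;;
esac
```

A syntax check does not prove the bind account or search base is correct, so test an enrollment login after the restart.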


Revision #5
Created 12 July 2023 17:09:55 by Josh Levitsky
Updated 17 April 2024 17:32:22 by Josh Levitsky