D LDAP/AD Configuration Examples

This section contains sample RStudio Connect configurations to help you get started with LDAP authentication. We have provided a single bind and a double bind example (double bind is recommended).

The LDIF (LDAP Data Interchange Format) file contained in D.3 describes a LDAP organization used in our examples.

D.1 Single Bind

Here is a partial RStudio Connect configuration file showing how to connect using single-bind LDAP authentication. We are assuming the LDIF contained in D.3 describes the LDAP structure.

; /etc/rstudio-connect/rstudio-connect.gcfg
[LDAP "myLDAPserverSingle"]
ServerAddress = 127.0.0.1:389
UniqueIdAttribute = entryUUID
UserSearchBaseDN = "ou=People,dc=company,dc=com"
UserObjectClass = posixAccount
UserFirstNameAttribute = givenName
UserLastNameAttribute = sn
UserEmailAttribute = mail
UsernameAttribute = uid

D.2 Double Bind

Here is a partial RStudio Connect configuration file showing how to connect using double bind LDAP authentication. We are assuming the LDIF contained in D.3 describes the LDAP structure.

; /etc/rstudio-connect/rstudio-connect.gcfg
[LDAP "myLDAPserver"]
ServerAddress = 127.0.0.1:389
BindDN = cn=admin,dc=company,dc=com"
BindPassword = "password"
UniqueIdAttribute = entryUUID
UserSearchBaseDN = "ou=People,dc=company,dc=com"
UserObjectClass = posixAccount
UserFirstNameAttribute = givenName
UserLastNameAttribute = sn
UserEmailAttribute = mail
UsernameAttribute = uid

D.3 LDIF

Here is an LDIF (LDAP Data Interchange Format) file describing a hypothetical organization.

dn: ou=People,dc=company,dc=com
objectClass: organizationalUnit

dn: ou=Groups,dc=company,dc=com
objectClass: organizationalUnit

dn: cn=membera-grp,ou=Groups,dc=suba,dc=company,dc=com
objectClass: posixGroup
cn: membera-grp
gidNumber: 50000
memberUid: membera

dn: cn=memberb-grp,ou=Groups,dc=subb,dc=company,dc=com
objectClass: posixGroup
cn: memberb-grp
gidNumber: 50001
memberUid: memberb

dn: cn=memberc-grp,ou=Groups,dc=subc,dc=company,dc=com
objectClass: posixGroup
cn: memberc-grp
gidNumber: 50002
memberUid: memberc

dn: uid=membera,ou=People,dc=suba,dc=company,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: membera
sn: A
givenName: Member
cn: Member A
displayName: Member A
uidNumber: 20000
gidNumber: 50000
userPassword: memberaldap
gecos: MemberA
loginShell: /bin/bash
homeDirectory: /home/membera
mail: membera@company.com

dn: uid=memberb,ou=People,dc=subb,dc=company,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: memberb
sn: B
givenName: Member
cn: Member B
displayName: Member B
uidNumber: 20001
gidNumber: 50001
userPassword: memberbldap
gecos: MemberB
loginShell: /bin/bash
homeDirectory: /home/memberb
mail: memberb@company.com

dn: uid=memberc,ou=People,dc=subc,dc=company,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: memberc
sn: C
givenName: Member
cn: Member C
displayName: Member C
uidNumber: 20002
gidNumber: 50002
userPassword: membercldap
gecos: MemberC
loginShell: /bin/bash
homeDirectory: /home/memberc
mail: memberc@company.com