beautypg.com

Connectors, Ldap – Google Search Appliance Managing Search for Controlled-Access Content User Manual

Page 33

background image

Google Search Appliance: Managing Search for Controlled-Access Content

33

Connectors

You can configure an authentication domain for a registered connector manager that has one
connector with support for the authentication Service Provider Interface (SPI). You can have only one
connector instance per connector manager with this authentication method.

Configuring a Credential Group for a Connector Manager

To add a credential group rule for a connector manager:

1.

Click Serving > Universal Login > Auth Mechanisms > Connectors.

2.

Select a credential group from the pull-down menu.

3.

In the Mechanism Name box, type a unique name for the authentication mechanism. A
mechanism name must not be the same as another mechanism name or credential group name.
Mechanism names are case-sensitive and can be up to 200 characters long, and can contain only
alphanumeric characters, underscores, and hyphens. A name cannot begin with a hyphen.

4.

Select a connector name from the pull-down menu.

5.

Optionally, if you want the connector to lookup a user’s group information without performing
authentication, check Perform group lookup only.

If you want the connector to lookup group information and perform authentication, leave the
checkbox unchecked.

6.

Optionally, change the default time for the search appliance to make a network connection by
entering the number of seconds in the Timeout box.

7.

Optionally, type the number of seconds that the verification of user credentials will be trusted in
the Trust Duration box.

8.

Click Save.

For more information about how to configure an authentication domain for a registered connector
manager, click Help Center > Serving > Universal Login Auth Mechanisms > Connectors.

For comprehensive information about connectors, see documentation for the Google Enterprise
connectors (

http://support.google.com/gsa/bin/answer.py?answer=2731901

).

LDAP

For a search appliance to use LDAP for user authentication at serve time, you must perform the
following tasks:

1.

Integrating the search appliance with and LDAP server, as described in the following section.

2.

Enabling LDAP authentication for the search appliance, as described on “Enabling LDAP
Authentication for a Search Appliance” on page 35
.

3.

Enabling group lookup, as described on “Enabling Group Lookup” on page 36.

4.

Configure a credential group rule for LDAP, as described in “Configuring a Credential Group for
LDAP” on page 36.

5.

Protecting the user’s credentials for serve with HTTP Basic and NTLM HTTP, as described on
“Protecting the User’s Credentials for Serve with HTTP Basic and NTLM HTTP” on page 36.