Modifying the Active Directory webconfig

Modify the contents of the webconfig_plugin.txt file to reflect the authentication details for the site's domain. The webconfig_plugin.txt file is located on the Documentation DVD.

To modify the Active Directory webconfig_plugin.txt file

In a text editor, open the webconfig_plugin.txt file.

Make the following changes:

Text to find	Replacement text
`<Plugin Default="true" Name="mydomain" Type="AgfaHC.User.Security.Pam" Path="E:\wwwroot\AgfaHC.User.Security.Web.Services\bin\ AgfaHC.User.Security.Pam.ActiveDirectory.dll">`	Replace Name="mydomain" with the name of the domain. Replace Path="E:\wwwroot\ …” with path to the service on the Application Server. The path was set during the installation of the Application Server.
`<BindFormat>MYDOMAIN\{0}</BindFormat>`	Replace MYDOMAIN with the name of the domain
`<Server>LDAP://myhost.mydomain.com</Server>`	Replace myhost.mydomain.com with the fully qualified domain name of the authentication server.
`<Base>DC=mypartition,DC=mydomain,DC=com</Base>`	Replace mypartition and mydomain with the appropriate values for the domain for both occurances of the text.

Optionally, make the following changes:

Text to find	Replacement text
<MaximumPasswordDays>90</MaximumPasswordDays>	This represents the maximum number of days before the domain users' password must be changed. A value of zero indicates that user passwords in the domain do not expire. This should be set to match the password expiry policy on the LDAP server.
<Attribute EnterpriseName="pwdLastSet" InternalName="ValidPasswordDays" />	Replace pwdLastSet and ValidPasswordDays with the appropriate values for the domain to display a warning about password expiry. This element must be present in the LDAP plugin to ensure that a warning displays in the LDAP interface regarding the password expiration date.
`LDAP CONNECTION POLICY` `<LdapConnectionPolicy default="true" authentication="None" secure="true">` `<Server>LDAP://myhost1…` `<!--` `<Server>LDAP://myhost2…` `<Server>LDAP://myhost3…` `-->`	This represents the pool of LDAP servers used for connection and failover. If you add multiple LDAP domains, when the primary LDAP server is not available, it falls back to the secondary domain controller. List any additional servers here, ensuring that the lines are uncommented. For example: `<LdapConnectionPolicy default="true" authentication="None" secure="true">` `<!--` `<Server>LDAP://ldap.hospital1…` `<Server>LDAP://ldap.hospital2…` `<Server>LDAP://myhost3…` `-->`
`<Scope>OneLevel</Scope>`	Specifies one of the following values to indicate the search scope: Base—search the base-entry only. OneLevel—search all entries in the first level below the base-entry, excluding the base-entry (default). SubTree—search the base-entry and all entries in the tree below the base.

Save the webconfig_plugin.txt file.

Modifying the Active Directory webconfig_plugin.txt file