Product Selector

Fusion 5.9
    Fusion 5.9

    Set Up NT Lan Manager Authentication for Confluence Connector

    This topic describes how to configure a Confluence site and authenticate with NT Lan Manager (NTLM) to use the Fusion connector.

    Configure Active Directory for Confluence

    Add a new directory with the following settings:

    • Name. Directory name.

    • Directory Type. Microsoft Active Directory.

    • Hostname. Hostname of server running Lightweight Directory Access Protocol (LDAP).

    • Port. Port number.

    • Username. LDAP user login.

    • Password. LDAP user password.

    • Base DN. Distinguished Name (DN) of the LDAP object that is the root node from which to search for users and groups.

    • Additional User DN. DN prepended to the base DN to limit user search scope.

    • Additional Group DN. DN prepended to the base DN to limit group search scope.

    • Permissions > Read/Write

    Create authenticating account

    1. Access the Server Manager in the Active Directory.

    2. Select Roles > Active Directory Domain Services.

    3. Select Active Directory Users and Computers to expand the node.

    4. Expand the directory and right-click Computers to create the new account.

    5. Select the Member of tab.

    6. Select Domain Computers.

    7. Select the General tab and enter values in each field.

      The Computer name field is required.

    Configure delegation for the authenticating account

    1. Access the authenticating account and select the Delegation tab.

    2. Select Trust this computer for delegation to specified services only.

    3. In the Trust field, select Use any authentication protocol.

    4. Select Add.

    5. In the Add Services window, select Users or Computers.

    6. Select the server running the netlogon service from the results list and select OK.

    7. In the Service Type column, select netlogon and select OK.

      The Delegation tab displays the netlogon service available for the account.

    8. Save the following script to the Active Directory server:

      curl -v -L --ntlm -H 'User-Agent: Mozilla/5.0 (compatible; LucidWorks-Anda/4.0)' --negotiate -u 'administrator:FroFro123#' 'http://192.168.1.82:8090/download/attachments/65601/044451.html?version=1&modificationDate=1558624541596&api=v2&download=true'

    9. Execute the command with the hostname and password to set:

      SetComputerPassword.vbs Confluence$@WIN-424E42TCKBB FroFro123#

      The following is a sample result:

      ' Copyright (c) 2018, IOPLEX Software
'
' All rights reserved.
'
' Redistribution and use in source and binary forms, with or without
' modification, are permitted provided that the following conditions
' are met:
'
'   * Redistributions of source code must retain the above copyright
' 	notice, this list of conditions and the following disclaimer.
'
'   * Redistributions in binary form must reproduce the above copyright
' 	notice, this list of conditions and the following disclaimer in the
' 	documentation and/or other materials provided with the distribution.
'
'   * Neither the name of IOPLEX Software nor the names of its
' 	contributors may be used to endorse or promote products derived from
' 	this software without specific prior written permission.
'
' THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
' IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
' THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
' PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT OWNER OR CONTRIBUTORS
' BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
' OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
' SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
' INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
' CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
' ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
' THE POSSIBILITY OF SUCH DAMAGE.

Option Explicit

Dim strPrinc, names, objComputer

If WScript.arguments.count <> 2 Then
    WScript.Echo "Usage: SetComputerPassword.vbs <ComputerPrincipalName> <Password>"
    WScript.Quit
End If

strPrinc = WScript.arguments.item(0)
names = Split(strPrinc,"@")

If Ubound(names) <> 1 Or InStrRev(names(0),"$") <> Len(names(0)) Then
    WScript.Echo "Error: The Computer principal name must be in principal form such as with a $ and @ signs (such as jespa1$@busicorp.local)."
    WScript.Quit
End If

Set objComputer = GetObject("WinNT://" & names(1) & "/" & names(0))
objComputer.GetInfo
objComputer.SetPassword WScript.arguments.item(1)
objComputer.SetInfo

WScript.Echo "The password was set successfully."
WScript.Quit

    See Confluence Connector Configuration Reference for more information.

    Install and configure EasySSO

    1. Access General Configuration > Find New Apps.

    2. Search for NTLM and select the EasySSO Admin app to install it.

    3. In the jespa Licensing section, select the latest jespa.zip file and download the file.

    4. Install the file and buy a license.

    5. Enter values in the following fields to configure the app:

      • Domain. Fully-qualified domain name (FQDN) of your domain.

      • Account. Active directory authentication account.

      • Password. Authentication account password.

    6. Select Save.

    7. Select Test Connection to verify NTLM authentication with the account logs in to Confluence.