Example Active Directory Configuration
Typically, the Active Directory (AD) value for main.ldapRealm.userDnTemplate looks slightly different from the OpenLDAP value. A value for
main.ldapRealm.userDnTemplate is required only if AD authentication requires the full User DN.
Note: If Active Directory allows authentication based on the Common Name (CN) and password
only, then no value will be required for
```xml
<provider>
    <role>authentication</role>
    <name>ShiroProvider</name>
    <enabled>true</enabled>
    <param>
        <name>main.ldapRealm</name>
        <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value>
    </param>
    <!-- {0} is replaced with the login name to build the bind DN -->
    <param>
        <name>main.ldapRealm.userDnTemplate</name>
        <value>cn={0},ou=people,dc=apache,dc=org</value>
    </param>
    <param>
        <name>main.ldapRealm.contextFactory.url</name>
        <value>ldap://localhost:389</value>
    </param>
    <!-- simple bind sends the DN and password as-is; ldap:// adds no encryption -->
    <param>
        <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
        <value>simple</value>
    </param>
    <!-- require HTTP Basic authentication on every URL -->
    <param>
        <name>urls./**</name>
        <value>authBasic</value>
    </param>
</provider>
```
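A lint for this provider block, as an added example that is not part of the original documentation: it flags unrecognized `main.ldapRealm*` parameter names, malformed RDNs in the DN template, and a simple bind over unencrypted `ldap://` to a non-loopback host. `lint_provider`, `KNOWN` and the `example.org` sample values are assumptions made here, and the known-name set covers only the parameters shown on this page.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Parameter names taken from this page; other valid realm settings exist,
# so an unrecognized name is reported for review, not as a definite error.
KNOWN = {
    "main.ldapRealm",
    "main.ldapRealm.userDnTemplate",
    "main.ldapRealm.contextFactory.url",
    "main.ldapRealm.contextFactory.authenticationMechanism",
}

def lint_provider(xml_text):
    """Return a list of findings for one <provider> element."""
    params = {p.findtext("name", "").strip(): p.findtext("value", "").strip()
              for p in ET.fromstring(xml_text).findall("param")}
    findings = [f"unrecognized parameter name: {n}" for n in params
                if n.startswith("main.ldapRealm") and n not in KNOWN]
    template = params.get("main.ldapRealm.userDnTemplate")
    if template is not None:
        if "{0}" not in template:
            findings.append("userDnTemplate has no {0} placeholder")
        # Naive split: assumes no escaped commas inside RDN values.
        for rdn in template.split(","):
            attr, sep, value = rdn.partition("=")
            if not (sep and attr.strip() and value.strip()):
                findings.append(f"malformed RDN in userDnTemplate: {rdn.strip()}")
    url = urlparse(params.get("main.ldapRealm.contextFactory.url", ""))
    mech = params.get("main.ldapRealm.contextFactory.authenticationMechanism")
    if (url.scheme == "ldap" and mech == "simple"
            and url.hostname not in ("localhost", "127.0.0.1", "::1")):
        findings.append("simple bind over ldap:// is unencrypted unless StartTLS is used")
    return findings

# Constructed sample with two deliberate mistakes (a bad RDN, a misspelled name).
SAMPLE = """<provider>
  <role>authentication</role><name>ShiroProvider</name><enabled>true</enabled>
  <param><name>main.ldapRealm</name>
         <value>org.apache.shiro.realm.ldap.JndiLdapRealm</value></param>
  <param><name>main.ldapRealm.userDnTemplate</name>
         <value>cn={0},ou=people,dc-example,dc=org</value></param>
  <param><name>main.ldapRealmcontextFactory.url</name>
         <value>ldap://ad.example.org:389</value></param>
  <param><name>main.ldapRealm.contextFactory.authenticationMechanism</name>
         <value>simple</value></param>
</provider>"""

if __name__ == "__main__":
    for finding in lint_provider(SAMPLE):
        print(finding)
```

The cleartext check only fires once the URL parameter name is spelled correctly, because a misspelled name means the realm never receives that setting.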
