product icon

Exemple de configuration d'Universal Proxy sous Linux

    Le contenu du fichier server.properties doit être le suivant :

    Remarque :

    L'environnement est le protocole LDAP – mode SFA, openLDAP Directory comme serveur d'authentification primaire.

    Le champ company.name est facultatif pendant la configuration. Si vous n’avez pas configuré ce champ, il n’apparaîtra pas dans le fichier server.properties.

    ###
    ### This configuration file contains the settings for the Universal Proxy.
    ### It has four sections
    ### 	* Server settings
    ### 	* LastPass API settings
    ### 	* LDAP settings
    ### 	* RADIUS settings
    ### Fill Server settings and LastPass API settings first. Then fill LDAP settings if you plan to use
    ### Universal Proxy using LDAP or LDAPS or fill RADIUS settings if you are going to use RADIUS.
    ### If a value is not applicable for your case leave it as it is.
    ### For further information see the online documentation:
    ### 	https://support.lastpass.com/help/what-is-lastpass-universal-proxy
    ###
    ### Note, that it is also possible to configure Universal Proxy using the command line tool.
    ### Issue the following command in PowerShell to start the command line configuration tool:
    ### 	sudo uproxy -configurationTool
    ### Online documentation for the configuration tool:
    ### 	https://support.lastpass.com/help/how-do-i-configure-the-lastpass-universal-proxy-via-command-line
    ###
    
    
    #######################################
    #######################################
    ###                                 ###
    ### Universal Proxy Server settings ###
    ###                                 ###
    #######################################
    #######################################
    ##
    ## Server settings: set these values to configure how the Universal Proxy handles incoming authentication
    ## requests. Choose the authentication protocol (LDAP, LDAPS or RADIUS), specify the ports and domains and
    ## set the server mode (LP, PLP, SFA).
    ## For an explanation about server modes see the documentation:
    ## 	https://support.lastpass.com/help/what-is-lastpass-universal-proxy#server_modes
    ##
    
    # The protocol to authenticate users. [LDAP | LDAPS | RADIUS]
    server.protocol=LDAP
    
    # The mode in which Universal Proxy should run [LP | PLP | SFA].
    server.mode=SFA
    
    # The port on which Universal Proxy listens on.
    server.port=1389
    
    # The name of your company. This value appears to end users in the MFA app.
    company.name=Test-company
    
    #################################################################
    #################################################################
    ###                                                           ###
    ### Authentication server settings: Common Login Service      ###
    ###                                                           ###
    #################################################################
    #################################################################
    ##
    ##
    
    cli.cls.integration.key=your_cls_integration_key_goes_here
    cli.cls.integration.secret=your_cls_integration_secret_goes_here
    default.cls.auth.method=push
    
    
    ###################################################
    ###################################################
    ###                                             ###
    ### Authentication server settings: LDAP server ###
    ###                                             ###
    ###################################################
    ###################################################
    ##
    ## LDAP settings: set these values to configure Universal Proxy to be able to communicate with a LDAP server.
    ## Leave these values blank if you are not planning to use Universal Proxy for LDAP authentication.
    ## The ldap.admin.password field is applicable only if the server mode is LP.
    ## The ldap.address, ldap.port and ldap.tls fields can only be used if the server mode is either PLP or SFA.
    ## For an explanation about server modes see the documentation:
    ## 	https://support.lastpass.com/help/what-is-lastpass-universal-proxy#server_modes
    ## For the current server mode see the value of the server.mode variable in this file.
    ## Leave any value blank which is not applicable for your current setup.
    ##
    
    # The address of the OpenLDAP. Applies to server modes: [PLP | SFA]
    ldap.address=172.19.0.5
    
    # The default LDAP server type: [auto | ms | openldap]
    default.ldap.server.type=auto
    
    # The port on which the OpenLDAP expects authentication messages (default: LDAP: 389, LDAPS: 636). Applies to server modes: [PLP | SFA]
    ldap.port=389
    
    # The distinguished name of the LDAP admin user. Example: CN=admin,CN=Users,DC=domain,DC=com
    ldap.admin=CN=testAdmin,CN=Users,DC=testproxy,DC=com
    
    # The password of the LDAP admin user. Applies to server modes: [LP] only.
    ldap.admin.password=your_password
    
    
    # LDAP naming attribute: the name of the LDAP field in which the Linux user logon name is stored. Possible values: uid
    ldap.attribute.login=uid

    Vérifiez les éléments suivants :

    • Le ldap.admin la valeur du champ doit être la même que celle de OpenLDAP distinguishedName valeur du champ.