best grammar app

Savvion Active Directory Configuration

Submitted by Abhishek on Wed, 2012-01-04 19:26

Often you would be required to connect your Savvion Server to Active Directory. The Active Directory setup could be that with a windows Server or with a ADAM. ADAM is useful if you don’t want to have a dedicated windows 2003 server for taking care of your users or if you would like to have different active directories for different departments. If you are using ADAM, you can refer to my another post Microsoft Active Directory Manager Configuration for your BPM tool.


Normally if you know that you want to use Active Directory before installation, then a good approach would be to choose LDAP during installation itself. However, sometimes you may not have enough information and would like to install a default Database Realm and then change it to Active Directory.


This tutorial assumes you have installed Savvion in JDBC Realm mode and would now like to connect to your Active Directory.


Step 1: Get the details of your Active Directory Installation

Typically you would need the following:

  • The IP Address or a hostname of the machine where Active Directory Server or ADAM is running
  • The Port Number, which defaults to 389
  • Username using which you would connect to server. This could be a fully qualified name like CN=adimin,CN=Users,DC=constonline,DC=com or could even be an email based like
  • The Password with which you will connect to the server


For our example setup here are the details:

Server IP:

Port Number: 389

Username: CN=abhishek, CN=Users, OU=constonline,OU=com

Password: mishra


Step 2:Test if you can connect with the credentials

To test if you have the right set of Information, you can use any LDAP Explorer Tool. For Example when I connect to my Active Directory I see something like the screenshot below:





If you cannot connect then probably you have wrong configuration. Its also possible that you are using a firewall on server which is not allowing you to connect remotely.


Step 3: Note Down the Attribute Names

You will need to note down a few attribute names. If you click on your user in LDAP Explorer tool you can see it on the right pane:

  • Username: In our case it is “name”. If you are using windows Active directory server it will be “sAMAccountName”.
  • First Name: This is normally the “givenName” attribute
  • Last Name: This is normally the “sn” attribute
  • Phone Number: Windows uses “telephoneNumber” attribute for this
  • Email: This is normally bound to the attribute “mail”

Keep these handy. We will need them for next step.


Step 4: Backup your umacl.conf file

You need to keep a backup of umacl.conf file under your SBM_HOME/conf folder just in case things go wrong.


Step 5: Modify your umacl.conf file

Modify your UMACL file. Follow the instruction below for each key (if a key is not mentioned it means leave it to the default value):

Abhishek Mishra
Good experience in working with BPM technologies like Savvion, JBPM. Founder and Chief Editor of Founder of Savvion Business Manager Mobility Framework Savmobify| View my BPMGeek Profile
best grammar app

About BPMGeek

BPMGeek is an initiative to collaborate and communicate with the growing Business process management community out there. The goal is to help developers connect with experts, ask questions, post their learning and get understanding of BPM Concepts. Often tool specific knowledge of niche areas end up developers perplexed and confused - especially when there are very less number of resources available. We will be coming up several several new features. Have a look at our Roadmap here

BPMGeek is an independent entity not associated with any Product. All BPM product professionals are invited to contribute. The Logos and Names used across the site belong to their respective owners. The viewpoints mentioned by Individual contributors are their own. BPMgeek cannot be held liable for any issues arising out of it.

BPMgeek is promoting the Nounshoun English Grammar App - developed by Constellation Software.