- 5 minutes to read

Installing the Nodinite LDAP Web API

This guide teaches how to install the Nodinite LDAP Web API.

Download Latest version

The following two hosting options exist:

  1. IIS
  2. Azure App Services

Before you begin

Make sure you comply with the prerequisites.

IIS

Use the steps documented next to install the Nodinite LDAP Web API on Windows Server with IIS.

Step 1: Unzip package

The Nodinite LDAP Web API has no installer (MSI). Unzip the package to the target folder, for example, C:\Program Files\Nodinite\LDAP Web API\:
Unzip Folder

Unblock the files, the PowerShell example below (replace folder as required):

Get-ChildItem -Path 'C:\Program Files\Nodinite\LDAP Web API\' -Recurse | Unblock-File

Step 2: Create IIS Application Pool

Use the Internet Information Server (IIS) Manager.

inetmgr.msc

  1. Create a new Application Pool.
    Add

  2. Name the App Pool, for example, Nodinite LDAP Web API
    App Pool

    Make sure to select No Managed Code

  3. The App Pool must be configured with a named account, and this account must have read/write rights to the folder with the binaries. Optionally, the named account is added to the IIS_IUSRS group, and the file access rights are set on this group instead.

  4. Start a cmd-prompt as this user, this process creates a profile that is required by the new password protection scheme.

Step 3: Create IIS Virtual Directory

  1. Add a new Virtual Directory:
    Create Virtual Directory

  2. Name the Virtual Directory and set the Physical path to the folder where you extracted the ZIP package in step 1:
    Name

  3. Convert the virtual directory to an Application:
    Convert

  4. Select the Application pool you created in step 2
    Assign App Pool

Step 4: Configure Connections

Before you can use the Nodinite LDAP Web API, you must perform the initial Configuration.

Step 5: Perform a basic test

You can now test the Nodinite LDAP Web API. There is a plethora of methods in the Samples folder.

  1. Navigate to http://localhost/LDAPAdapter/swagger/ (replace LDAPAdapter according to the name you set in step 3b) or even better if you use HTTPS, https://REPLACEME/swagger/ (review the 'How to perform hardening on your Nodinite LDAP Web API' user guide)
    Swagger
  2. Set the connectionId. This Id is set in the Configuration, Step 4
  3. Execute statement
    GetDomainControllers

NOTE Make sure to set the content type according to your statement to either:

  • JSON - application/json
  • XML - text/xml, application/xml
{
  "RequestId": "b7a211d7-20f3-44bc-b078-7f1b6e1c047f",
  "Batches": [
    {
      "continueOnError": false,
      "guid": "2b25b9e6-4af2-4094-9ae7-e1e4c99b6c8d",
      "AD": {
            "Operations": {
            "GetDomainControllers": {}
        }
      },     
    }
  ],
}

<ns0:LDAP xmlns:ns0="http://integrationsoftware.se/BizTalk/Adapters/LDAP/Request/1.0">
  <Batches guid="2B25B9E6-4AF2-4094-9AE7-E1E4C99B6C8D" returnResponseMessageOnExceptions ="true">
    <Batch guid="3B25B9E6-4AF2-4094-9AE7-E1E4C99B6C8E">      
       <AD>          
          <Operations>
            <GetDomainControllers/>
          </Operations>
        </AD>
    </Batch>    
  </Batches>
</ns0:LDAP>

Sample statement that is easy to use for testing connectivity with Active Directory. This example usually does not require admin rights and uses the default port (389).

Azure App Services

Use the steps documented next to install the Nodinite LDAP Web API in your Azure subscription.

Azure Web App

Important

You must have a connection with the Domain Controllers. A private endpoint is a common option to achieve this.

Zip deploy for Azure WebApps:

  1. Go to your Web App in the Azure portal.
  2. Scroll down to the Development Tools and click Advanced Tools
  3. Click GO ----->
  4. At the top nav bar click on Tools
  5. Click Zip Push Deploy and drag and drop the Zip folder.

    Note

    You might want to perform changes to the appSettings.json file, please review the AppSettings section.

  6. Set permissions (RBAC). The Nodinite LDAP Web API App Service instance requires some permissions to access the app configuration and possibly the Key Vault.
  1. App Configuration Reader on the App Service to access the AppSettings
  2. App Service requires the Azure Key Vault Administrator
    Other deployment options are available here
  1. To test, click on the Default Domain link and add /Swagger, you should now be able to browse.
    Swagger
  2. Next, configure the AppSettings

AppSettings

The settings for the Nodinite LDAP Web API are stored in the App Configuration container.

App Service Environment
App Configuration example.

  1. Create a new App Configuration and name it, in the example, we are using the name devsettings. Change the AppConfigEndpoint entry accordingly either before you upload the ZIP file, or change it directly in the Azure portal.
{
  "https_port": 443,
  "ProductKey": {
    "CustomerName": "",
    "Key": ""
  },
  "ConnectionStrings": {
    "appConfiguration": ""
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AppConfigEndpoint": "https://devsettings.azconfig.io",
  "AllowedHosts": "*"
}
  1. Since you can have multiple connection configurations, you must sequentially use an index to reference the proper entry. The first entry has the index zero (0).

You must create the following settings for each connection. The example below is for the first entry. To protect the password, please store it in Azure Key Vault, as detailed here.

LdapSettings:Connections:0:AuthenticationType
LdapSettings:Connections:0:DSAServer
LdapSettings:Connections:0:DSAServerPort
LdapSettings:Connections:0:Id
LdapSettings:Connections:0:KeyVaultPassword
LdapSettings:Connections:0:UserName
LdapSettings:RunningInAzure
ProductKey:CustomerName
ProductKey:Key
refreshAll

Review the Configuration page for details about the values to use.

  1. The refreshAll is the sentinel key to refresh the configuration.

    Note

    After updating any of the values, you must update the value for refreshAll. You can have an initial value of 1, and the step to 2 and so on after every change.

AppSettings
Proper AppSettings configuration example with the Password protected by the Key Vault.

KeyVault

To protect the password, please create the LdapSettings:Connections:0:KeyVaultPassword as a reference to your Key Vault.

Important

Only the value for the password needs to be in the Key Vault!

Key Vault
Password in Key Vault.

Support

Contact our Support for additional guidance if you fail to resolve the installation problem.

Tip

Additional information to aid the troubleshooting may exist in the Windows Event Logs.

Frequently asked

Additional solutions to common problems and the FAQ for the Nodinite LDAP Web API exist in the Troubleshooting user guide.

Next step

Configuration
Update

Prerequisites
Uninstall