This guide outlines how Zilla will manage credentials for your systems connected to PO Box.

...

The recommended way to store config info is to create applications in Zilla and place the info we need there. This is recommended for on-prem deployments of PO Box that connect to a MySQL database, a PostgreSQL database, or an on-prem Active Directory.

For Active Directory

  1. Log in to Zilla as an Administrator

  2. Add a new application:

...

  1. Fill out the config we need to connect to Active Directory and pull users. These are outlined below:

    1. Frequency - How often should we pull users?

    2. Server URI - This is the URI of the server that is hosting your Active Directory. The value of this config should be ldap://{Server IP}. Be sure to replace the bracketed part with the IP of the server that’s hosting your Domain Controller and Active Directory.

    3. Search Base - This is the tree that you would like to pull users from on AD. We generally recommend selecting the highest level tree in your AD so we pull all of your AD users. If my OU is zsec.io, then the value of this config would be dc=zsec,dc=io

    4. Login User - this is the username of the service account you created in Active Directory. For more info on how to do this, please see the guide Creating Service Accounts For PO Box. Please be sure to include the full email of the account. For example, if I created an account called zilla-svc, and my forest’s domain is access-ventures.com, then the value for this config should be zilla-svc@access-ventures.com

    5. Login Password - this is the password for the service account you created in AD.
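As an added example (not part of the original guide and not Zilla's own code), here is a pre-flight check of the Active Directory fields against the formats described above. The dict keys are hypothetical names for the form fields, and the IP address and password are constructed placeholders.

```python
import ipaddress
import re
from urllib.parse import urlsplit

RDN = re.compile(r"\s*([A-Za-z]+)\s*=\s*([^,=]+?)\s*")
# Constructed sample values; the dict keys are hypothetical names for the form fields.
SAMPLE = {"server_uri": "ldap://10.0.0.5", "search_base": "dc=zsec,dc=io",
          "login_user": "zilla-svc@access-ventures.com", "login_password": "constructed-pw"}


def search_base_for(domain):
    """Turn a DNS domain such as 'zsec.io' into 'dc=zsec,dc=io'."""
    return ",".join(f"dc={label}" for label in domain.strip(".").split(".") if label)


def check_ad_config(cfg):
    """Return a list of findings for the AD connection fields (empty = OK)."""
    findings = []

    # Server URI: ldap://{Server IP} with the bracketed part replaced.
    uri = urlsplit(cfg.get("server_uri", ""))
    if uri.scheme != "ldap":
        findings.append("server_uri: expected the ldap:// scheme")
    try:
        ipaddress.ip_address(uri.hostname or "")
    except ValueError:
        findings.append("server_uri: host is not an IP address")

    # Search Base: comma-separated attr=value pairs, ideally only dc= parts.
    parts = [RDN.fullmatch(p) for p in cfg.get("search_base", "").split(",")]
    if not all(parts):
        findings.append("search_base: not a comma-separated list of attr=value")
    else:
        attrs = [m.group(1).lower() for m in parts]
        if "dc" not in attrs:
            findings.append("search_base: no dc= component")
        elif set(attrs) != {"dc"}:
            findings.append("search_base: narrower than the top-level tree")

    # Login User: full user@domain form, not a bare name or DOMAIN\user.
    if not re.fullmatch(r"[^@\\\s]+@[^@\\\s]+\.[^@\\\s]+", cfg.get("login_user", "")):
        findings.append("login_user: expected user@domain form")

    # Login Password: present and not padded by a copy/paste.
    pw = cfg.get("login_password", "")
    if not pw or pw != pw.strip():
        findings.append("login_password: empty or has surrounding whitespace")
    return findings
```

An empty list means every field matches the format the guide describes; a search base containing an ou= component is reported only because the guide recommends the highest-level tree.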

...

  1. Fill out the config we need to connect to the database and pull users. These are outlined below:

    1. Frequency - How often should we pull users?

    2. Database Server Host - this is the hostname or IP of the database

    3. Database Server Port - this is the port that PO Box will send the query request over. By default, MySQL uses port 3306

    4. Database Name (optional) - by default, Zilla pulls users at the system level; however, if you would also like to pull from a specific database, you can enter the name of the database, and we will also pull any database-level users. Please note: you will need to grant SELECT access to the service account you have created for this to work.

    5. Database User - the username of the service account you created. Please see Creating Service Accounts For PO Box for more details.

    6. Database Password - the password for the service account you created.

...