What is security.ncconf in NCache?

The security.ncconf file helps administrative users to manage and configure node-level security in NCache using LDAP authentication.

Does NCache support secondary LDAP controllers?

Yes, NCache lets users to configure a secondary domain controller using the tag in the security.ncconf file for high availability.

Security Config (security.ncconf)

The security.ncconf file is the main configuration file that handles NCache node level security, which includes the management of admin access to the cache using LDAP authentication. All server nodes make use of the Alachisoft.NCache.Security.dll to implement security for restricted access. The security configuration file allows the admin to employ distributed directory services to authorize individuals for the management of NCache.

Note

You will find security.ncconf at %NCHOME%\config in Windows or /opt/ncache/config in Linux.

Security Configuration File Syntax and Structure

The security configuration file is explained below.

<cache-security enabled="True">
    <ldap host="yourprimarydomain" port="389"/>
    <ldap-secondary host="yoursecondarydomain" port="389"/>
    <administrators>
        <group id="Engineers" dn="CN=Engineers,OU=Alachisoft,DC=example,DC=org,DC=pk"/>
    </administrators>
</cache-security>

Security Tag Definitions and Parameters

The following section explains the tags mentioned as part of the file syntax.

<cache-security>

This tag specifies whether, the cache security is enabled.

<cache-security enabled="True">

enabled: Determines if security is enabled or not (True/False). The default value is False.

<ldap>

This tag keeps information about the primary domain controller for your applications.

<ldap host="yourprimarydomain" port="389"/>

host: Specifies the name/IP of the primary domain controller for the users.
port: Specifies the port on which the primary domain controller is running.

<ldap-secondary>

This tag specifies the information about the secondary domain controller for your application.

<ldap-secondary host="yoursecondarydomain" port="389"/>

host: Specifies the name/IP of the secondary domain controller for the users.
port: Specifies the port on which the secondary domain controller is running.

<administrators>

This tag keeps a list of users having rights on all node-based and API-based operations.

<administrators>
    <group id="Engineers" dn="CN=Engineers,OU=Alachisoft,DC=Alachisoft,DC=org,DC=pk"/>
</administrators>

<group>

This sub tag identifies the groups and their organizational and domain level details.

<group id="Engineers" dn="CN=Engineers,OU=Alachisoft,DC=Alachisoft,DC=org,DC=pk"/>

id: Specifies the Users or Groups on which we want to configure the settings.
dn: Specifies the base DN (Distinguished Name) for searching LDAP entries and narrowing the search scope within the LDAP directory.
- CN: Specifies the name of the Users or Groups.
- OU: Specifies the organizational unit of the Users or Groups mentioned above.
- DC: Specifies the Domain Controllers for the above Users or Groups.