Configure LDAP authentication

This topic explains how to configure your implementation to use LDAP authentication.

Define LDAP user permissions

You can import users from existing LDAP systems into DA-managed authentication realms.

Valid LDAP users can log in, but they have no permissions unless they are part of an LDAP authorization realm (group). To provide permissions, import the LDAP users as described next in Import LDAP users, and define their permissions before they log in.

Back to top

Import LDAP users

To import LDAP users:

  1. Navigate to Administration > Security.

  2. Select the Authentication (Users) tab.

  3. In the side menu, select an LDAP realm, and then click Import User.

  4. Enter the name of the user.

    If you enter a search filter in the Username field, enclose the filter in parentheses.

  5. Click Import.

Back to top

Limit LDAP users by group

To limit the LDAP authentication realm users by a specific group, you must use the LDAP filter.

To limit LDAP users by group:

  1. Navigate to Administration > Security.

  2. Select the Authentication (Users) tab.

  3. Create or edit an LDAP authentication realm. For details, see Create LDAP authentication realms.

  4. In the Create Authentication Realm dialog box, in the User Search Filter field, specify the name of the group you want to use as a restriction, for example:

    (&(memberOf=CN=automation,OU=LDAPTest Groups,DC=ldaptest,DC=net)(sAMAccountName={0}))

    In this example, the first condition,

    (memberOf=CN=automation,OU=LDAPTest Groups,DC=ldaptest,DC=net),

    limits the LDAP authentication realm to only the users of the automation group.

Back to top

See also: