User authentication against external LDAP server

This chapter contains an example of configuring user authentication against an external LDAP service.

Prerequisites

The following description assumes that the admin user's authentication data is stored on an LDAP server reachable at IP address 10.0.0.2 on the default LDAP service port, 389.

The user definition is stored under cn=admin,dc=example,dc=com.



Configuration

Adding external authentication source


  1. Select Management > Servers.
  2. Click Add external authentication source.
  3. Provide essential configuration parameters:

     Parameter             Value
     Type                  LDAP
     Host                  10.0.0.2
     Port                  389
     Bind to               10.0.0.10
     Bind DN               dc=example,dc=com
     Encrypted connection  fail
     Delete                fail

     Note

     Alternatively, define the path under which user definitions are stored, cn=##username##,dc=example,dc=com, and leave the LDAP base parameter in the user configuration empty.

  4. Click Save.

Adding user authentication method


  1. Select Management > Users.
  2. Find and click the admin user definition.
  3. In the LDAP base field, specify the location of the admin object in the directory structure: cn=admin,dc=example,dc=com.

Note

Leave the LDAP base field empty if you specified where users are stored in the LDAP server configuration (cn=##username##,dc=example,dc=com).

  4. Click Add authentication method.
  5. Provide essential configuration parameters:

     Parameter                       Value
     Type                            External authentication
     External authentication source  LDAP 10.0.0.2:389 bind dn:dc=example,dc=com
     Delete                          fail

  6. Click Save.
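The two ways of locating the user entry described above (a full DN in the user's LDAP base field, or a ##username## template in the source's Bind DN) are sketched below as an added example; it is not code from the product. The helper names and the precedence of LDAP base over the template are assumptions, and the username is escaped per RFC 4514 before substitution so that it cannot change the structure of the DN.

```python
# Added example: resolving the DN used for the LDAP bind from the two settings
# on this page. resolve_bind_dn() is a hypothetical helper, not product code.

PLACEHOLDER = "##username##"
_SPECIAL = set('"+,;<>\\')  # characters RFC 4514 requires escaping in a value


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514, section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")              # NUL is written as a hex pair
        elif ch in _SPECIAL:
            out.append("\\" + ch)           # separators and quoting characters
        elif i == 0 and ch in "# ":
            out.append("\\" + ch)           # leading '#' or space
        elif i == last and ch == " ":
            out.append("\\" + ch)           # trailing space
        else:
            out.append(ch)
    return "".join(out)


def resolve_bind_dn(source_bind_dn: str, user_ldap_base: str, username: str) -> str:
    """Return the DN to bind as (assumed precedence: LDAP base, then template)."""
    if not username:
        raise ValueError("empty username")
    if user_ldap_base:
        # Variant 1: the user's LDAP base field holds the full DN of the entry.
        return user_ldap_base
    if PLACEHOLDER not in source_bind_dn:
        raise ValueError("LDAP base is empty and Bind DN has no ##username## placeholder")
    # Variant 2: the source's Bind DN is a template; insert the escaped login.
    return source_bind_dn.replace(PLACEHOLDER, escape_rdn_value(username))
```

With the values from this page, both variants resolve to cn=admin,dc=example,dc=com for the admin user.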
