User authentication against external LDAP server

This chapter contains an example of configuring user authentication against an external LDAP service.

Prerequisites

The following description assumes that the admin user’s authentication data is stored on an LDAP server accessible at IP address 10.0.0.2 on the default LDAP service port, 389.

The user definition is stored under cn=admin,dc=example,dc=com.



Configuration

Adding external authentication source


  1. Select Settings > External authentication.
  2. Click Add external authentication source.
  3. Provide essential configuration parameters:

     Parameter             Value
     Type                  LDAP
     Host                  10.0.0.2
     Port                  389
     Bind to               10.0.0.10
     Bind DN               dc=example,dc=com
     Encrypted connection  fail
     Delete                fail

Note

Alternatively, in the Bind DN parameter, define the path to where user definitions are stored, cn=##username##,dc=example,dc=com, and leave the LDAP base parameter in the user configuration empty.

  4. Click Save.

Adding user authentication method


  1. Select Management > Users.
  2. Find and click the admin user definition.
  3. On the User Data tab, in the LDAP base field, specify the location of the admin object in the directory structure: cn=admin,dc=example,dc=com.

Note

Leave the LDAP base field empty if you specified where users are stored in the LDAP server configuration (cn=##username##,dc=example,dc=com).

  4. Select the External authentication type from the Add authentication method drop-down list.
  5. Choose the method “LDAP 10.0.0.2:389 bind dn:dc=example,dc=com” and click Save.
  6. Click Save to save the user definition.
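
The two setups described in this chapter (a fixed Bind DN with a per-user LDAP base, or a Bind DN containing ##username## with an empty LDAP base) should resolve to the same user DN, and the Python below checks that before the values are entered in the GUI. It is an added example, not code from the product. The function names, the resolution order, the subtree check and the RFC 4514 escaping of the username are assumptions, since the page does not say how the placeholder is expanded internally.

```python
PLACEHOLDER = "##username##"  # placeholder syntax taken from the page


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514, section 2.4)."""
    out = []
    for i, ch in enumerate(value):
        if ch in '"+,;<>\\':
            out.append("\\" + ch)
        elif ch == "\0":
            out.append("\\00")
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, len(value) - 1)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def effective_bind_dn(server_bind_dn: str, user_ldap_base: str, username: str) -> str:
    """Return the DN a bind would use (hypothetical helper; resolution order assumed)."""
    if PLACEHOLDER in server_bind_dn:
        if user_ldap_base:
            raise ValueError("leave LDAP base empty when Bind DN contains ##username##")
        if not username:
            raise ValueError("username must not be empty")
        # Escaping keeps a name such as 'a,dc=x' inside the cn= value.
        return server_bind_dn.replace(PLACEHOLDER, escape_rdn_value(username))
    if not user_ldap_base:
        raise ValueError("LDAP base is required when Bind DN has no ##username##")
    # Consistency check added by this example: the user object must sit at or
    # below the server's Bind DN, compared on a whole-RDN boundary.
    base, root = user_ldap_base.lower(), server_bind_dn.lower()
    if base != root and not base.endswith("," + root):
        raise ValueError("LDAP base is outside the configured Bind DN subtree")
    return user_ldap_base


if __name__ == "__main__":
    # Constructed inputs using the values from this chapter.
    print(effective_bind_dn("dc=example,dc=com", "cn=admin,dc=example,dc=com", "admin"))
    print(effective_bind_dn("cn=##username##,dc=example,dc=com", "", "admin"))
    print(effective_bind_dn("cn=##username##,dc=example,dc=com", "", "a,dc=x"))
```

Both configurations from the chapter yield cn=admin,dc=example,dc=com, while a username containing a comma stays confined to the cn value.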
