User Authentication Against External LDAP Server

This chapter contains an example of configuring user authentication against external LDAP service.

Prerequisites

The following description assumes that the admin user’s authentication data is stored on LDAP server accessible through 10.0.0.2 IP address and default LDAP service port number - 389.

User definition is stored under cn=admin,dc=example,dc=com.


../../_images/ldap_structure.png

Configuration

Adding external authentication source


  1. Select Settings > External authentication.

  2. Click Add external authentication source.

  1. Provide essential configuration parameters:

Parameter

Value

Type

LDAP

Host

10.0.0.2

Port

389

Bind to

10.0.0.10

Bind DN

dc=example,dc=com

Note

Alternatively, define the path to where users definitions are stored cn=##username##,dc=example,dc=com and leave the LDAP base parameter in the user configuration empty

Encrypted connection

fail

Delete

fail
../../_images/quickstart_ldap_external_auth.png

  1. Click Save.


Adding user authentication method


  1. Select Management > Users.

  2. Find and click the admin user definition.

  3. On the User Data Tab, in the LDAP base field specify the location of admin object in the directory structure cn=admin,dc=example,dc=com.

Note

Leave the LDAP base field empty if you specified where users are stored in the LDAP server configuration (cn=##username##,dc=example,dc=com).

  1. Select External authentication type of authentication method from the Add authentication method drop-down list.

  2. Choose method “LDAP 10.0.0.2:389 bind dn:dc=example,dc=com” and click Save.

  1. Click Save to save user definition.


Related topics: