Lightweight Directory Access Protocol (LDAP)

SD Elements can be configured to rely on an LDAP user store for validating access to the application.

Configure LDAP for Single Sign-on

Follow the steps below to configure LDAP for Single Sign-on.

Prerequisites:
  • SSH credentials for sde_admin

  • The application user is a Super User.

  • Network access to the LDAP server.

  • LDAP Information

    • Server URI: The URI of the LDAP server

    • Bind DN: The distinguished name to use when binding to the LDAP server

    • Bind Password: The password to use with the bind DN

    • Start TLS: Whether the connection should be upgraded to TLS using Start TLS

    • Base DN: The DN within which to search for the user.

    • Scope: The scope of the search

    • User filter: How to match LDAP users

Steps:
  1. Log in to the SD Elements web application

  2. From the gear icon settings menu, select Authentication.

  3. Select the "LDAP" option for SSO Type

  4. Update the fields using the LDAP Information.

  5. Click Save

The server is now set up to authenticate users using LDAP. You can test the configuration using the Test User Authentication section on the page.
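The values gathered under LDAP Information can also be checked offline before they are entered. The following is an added example, not part of SD Elements or its documentation; the dictionary keys, the sample values and the %(user)s filter placeholder are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# One simple RDN such as "cn=svc-sde"; multi-valued RDNs and escaped commas
# are outside this simplified check.
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^,=]+$")

def looks_like_dn(value):
    return bool(value) and all(_RDN.match(p) for p in value.split(","))

def filter_is_balanced(flt):
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0 and flt.startswith("(") and flt.endswith(")")

def preflight(cfg):
    """Return a list of findings for the LDAP Information values in cfg."""
    findings = []
    uri = urlparse(cfg["server_uri"])
    if uri.scheme not in ("ldap", "ldaps") or not uri.hostname:
        findings.append("server_uri: expected ldap://host or ldaps://host")
    elif uri.scheme == "ldap" and not cfg["start_tls"]:
        findings.append("transport: ldap:// without Start TLS sends the bind "
                        "password and user passwords unencrypted")
    elif uri.scheme == "ldaps" and cfg["start_tls"]:
        findings.append("transport: Start TLS cannot be layered on ldaps://")
    for key in ("bind_dn", "base_dn"):
        if not looks_like_dn(cfg[key]):
            findings.append(f"{key}: not a distinguished name")
    if not cfg["bind_password"]:
        findings.append("bind_password: an empty password makes this an "
                        "unauthenticated bind (RFC 4513)")
    if not filter_is_balanced(cfg["user_filter"]):
        findings.append("user_filter: unbalanced or unwrapped parentheses")
    return findings

# Constructed sample values; key names are hypothetical, not SD Elements fields.
SAMPLE = {
    "server_uri": "ldaps://ldap.example.com",
    "start_tls": False,
    "bind_dn": "cn=svc-sde,ou=service,dc=example,dc=com",
    "bind_password": "constructed-placeholder",
    "base_dn": "ou=people,dc=example,dc=com",
    "user_filter": "(&(objectClass=person)(uid=%(user)s))",  # placeholder form assumed
}
```

An empty list from preflight(SAMPLE) means none of these checks fired; it does not replace the Test User Authentication check against the live server.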

Custom Configurations:

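  1. Open /docs/sde/local_settings and add the following:

    # Needed for the ldap.OPT_* constants; omit if the file already imports ldap.
    import ldap

    AUTH_LDAP_CONNECTION_OPTIONS = {
        ldap.OPT_REFERRALS: 0,  # do not follow LDAP referrals
    }
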
  2. Update the configuration according to the needs of the LDAP server. Example:

    • ldap.OPT_X_TLS_CACERTFILE

    • ldap.OPT_PROTOCOL_VERSION

    • ldap.OPT_REFERRALS

  3. Restart Apache

    sde apache restart

For a full list of options, see the python-ldap reference: https://www.python-ldap.org/en/latest/reference/ldap.html#options
