Active Directory Authentication with LDAP
Active Directory is a directory service implementation that provides functionality such as authentication, group and user management, policy administration and more.
LDAP (Lightweight Directory Access Protocol) is an open and cross-platform protocol used for directory services authentication. LDAP is a way of speaking to Active Directory.
Configure LDAP authentication on the Wallboard system:
LDAP settings on the Wallboard system (Administrator -> System settings)
- LDAP server url: the URL of the Active Directory (AD) server, including protocol and port
- User dn pattern: identifies the user on the AD server directly (more details in section 5)
- User role attribute key: this attribute name will describe the user’s role on the AD (more details in section 4)
- Customer id attribute key: this attribute key identifies the user’s customer on the AD (the customer’s id from the Wallboard system)
- Customer name attribute key: this attribute key identifies the user’s customer on the AD (the customer’s name from the Wallboard system) (more details in section 4)
- Mappers: these strings map the user’s role. On the AD, set the attribute named in the 'User role attribute key' field to the value of the desired role (more details in section 4)
Add user to active directory
Set e-mail address for the created user
Set the client’s name and user role from the Wallboard system as attributes of the user. In the following example, the client’s name is the value of the company attribute and the user’s role is the value of the employeeType attribute. You can use other attributes; in that case, change the values of the "User role attribute key" and "Customer name attribute key" fields on the Wallboard system to match. The user role attribute value has to match one of the role mapper values from the Wallboard system.
Copy the distinguishedName and change the user name CN to {0} (example below).
- from: CN=Ldap Test,CN=Users,DC=ldap,DC=local
- to: CN={0},CN=Users,DC=ldap,DC=local -> this will be the "User dn pattern" on the Wallboard system
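
The following added example (not Wallboard code) shows how a {0} DN pattern and the attribute mappers described above fit together. It assumes the login name replaces {0} after RFC 4514 escaping and that a user with no matching mapper is rejected; the mapper values, role names and sample entry are hypothetical.

```python
# Added illustration, not Wallboard code. Mapper values and role names are hypothetical.
USER_DN_PATTERN = "CN={0},CN=Users,DC=ldap,DC=local"  # pattern from the page
ROLE_ATTRIBUTE_KEY = "employeeType"                    # attribute from the page's example
CUSTOMER_NAME_ATTRIBUTE_KEY = "company"                # attribute from the page's example
ROLE_MAPPERS = {"wallboard-admin": "ADMIN", "wallboard-editor": "EDITOR"}  # hypothetical
# Constructed sample of the attributes read from a user's AD entry.
SAMPLE_ENTRY = {"employeeType": ["wallboard-editor"], "company": ["Example Customer"]}


def escape_rdn_value(value: str) -> str:
    """Escape a string for use as an RDN attribute value (RFC 4514, section 2.4)."""
    if not value:
        raise ValueError("empty user name")
    out = []
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\':
            out.append("\\" + ch)
        elif (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def expand_user_dn(pattern: str, login_name: str) -> str:
    """Replace the single {0} placeholder with the escaped login name."""
    if pattern.count("{0}") != 1:
        raise ValueError("pattern must contain exactly one {0} placeholder")
    return pattern.replace("{0}", escape_rdn_value(login_name))


def first_value(attributes: dict, key: str):
    values = attributes.get(key) or [None]
    return values[0]


def resolve_user(attributes: dict) -> dict:
    """Map a user's directory attributes to a role and customer, failing closed."""
    role_value = first_value(attributes, ROLE_ATTRIBUTE_KEY)
    customer = first_value(attributes, CUSTOMER_NAME_ATTRIBUTE_KEY)
    if role_value not in ROLE_MAPPERS:
        raise PermissionError(f"no role mapper matches {ROLE_ATTRIBUTE_KEY}={role_value!r}")
    if not customer:
        raise PermissionError(f"attribute {CUSTOMER_NAME_ATTRIBUTE_KEY!r} is not set")
    return {"role": ROLE_MAPPERS[role_value], "customer": customer}


if __name__ == "__main__":
    print(expand_user_dn(USER_DN_PATTERN, "Ldap Test"))
    print(expand_user_dn(USER_DN_PATTERN, "Test, Ldap"))
    print(resolve_user(SAMPLE_ENTRY))
```

A CN that contains a comma, such as "Test, Ldap", only yields a valid DN when it is escaped as shown; without escaping, the comma would be read as an RDN separator.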