LDAP and AD User Interface Examples
The following examples can be used to set up the LDAP Active Directory and LDAP RFC2307bis.

Form Example

The following form examples are Active Directory and LDAP RFC2307bis.

Active Directory

```javascript
const provider_config = {
  name: 'openldap',
  type: 'ldap2307bis',
  host: 'ldap.example.com',
  port: 389,
  tls: false, // with TLS off, bind and user passwords are sent unencrypted
  // Service account used to bind and search the directory
  binddn: 'cn=system,dc=example,dc=com',
  binddnpassword: 'password',
  // Where and how to look up users
  usersearchbasedn: 'ou=people,dc=example,dc=com',
  usersearchscope: 'sub',
  userfilter: '(objectclass=posixaccount)',
  userattrid: 'uidnumber',
  userattrusername: 'uid',
  userattrfirstname: 'givenname',
  userattrlastname: 'sn',
  // Where and how to look up groups
  groupsearchbasedn: 'ou=groups,dc=example,dc=com',
  groupsearchscope: 'sub',
  groupfilter: '(objectclass=posixgroup)',
  groupattrname: 'cn',
  groupattruser: 'dn',
  groupattrtype: 'member'
};
```

LDAP RFC2307bis

```javascript
const provider_config = {
  name: 'openldap',
  type: 'ldap2307bis',
  host: 'ldap.example.com',
  port: 389,
  tls: false, // with TLS off, bind and user passwords are sent unencrypted
  // Service account used to bind and search the directory
  binddn: 'cn=system,dc=example,dc=com',
  binddnpassword: 'password',
  // Where and how to look up users
  usersearchbasedn: 'ou=people,dc=example,dc=com',
  usersearchscope: 'sub',
  userfilter: '(objectclass=posixaccount)',
  userattrid: 'uidnumber',
  userattrusername: 'uid',
  userattrfirstname: 'givenname',
  userattrlastname: 'sn',
  // Where and how to look up groups
  groupsearchbasedn: 'ou=groups,dc=example,dc=com',
  groupsearchscope: 'sub',
  groupfilter: '(objectclass=posixgroup)',
  groupattrname: 'cn',
  groupattruser: 'dn',
  groupattrtype: 'member'
};
```

More examples for Active Directory filter can be found at Active Directory Field Definitions.

Test Failure

If the test fails, you should receive a detailed message about the reason for failure. Here is a list of a few possible failure reasons:

- Unable to connect to the server: wrong address/DNS name or port of the LDAP host.
- Protocol mismatch: connecting with TLS to the port that doesn't support authentication.
- Certificate validation failure: missing or invalid root CA.
- User not found: indicates a broad range of possible problems, like an invalid search path, invalid filter, or invalid attributes for username or user ID.
- User attribute not found: when one of the user attributes is either missing or empty.
- Group not found: if the search path, scope, or filter are invalid.
- Group attribute not found: if any of the group attributes is empty or missing.
- Authentication failure: if authentication fails, this usually means an invalid username or password.
- Authorization failure: means that the returned set of scopes does not match those of the requested role.

Note: The Save button is only available if the test successfully completes.
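Several of the failure reasons listed above (empty attributes, invalid scope or filter, TLS and port disagreement) can be caught before the test is run. The following is an added example, not code from the product: `preflight`, `balancedFilter` and the finding strings are hypothetical, the key names are spelled as they appear on this page, and the accepted scope values and the LDAPS port 636 are assumptions based on standard LDAP conventions.

```javascript
// Added example (not vendor code): offline pre-flight check for a provider config.
// preflight() and its messages are hypothetical; keys are spelled as on this page.
const REQUIRED = ['host', 'port', 'binddn', 'binddnpassword', 'usersearchbasedn',
  'userfilter', 'userattrid', 'userattrusername', 'groupsearchbasedn', 'groupfilter',
  'groupattrname', 'groupattruser', 'groupattrtype'];
const SCOPES = ['base', 'one', 'sub']; // assumed accepted values (standard LDAP scopes)
// True when the filter is wrapped in parentheses and every "(" has a matching ")".
function balancedFilter(filter) {
  let depth = 0;
  for (const ch of filter) {
    if (ch === '(') depth++;
    if (ch === ')' && --depth < 0) return false;
  }
  return depth === 0 && /^\(.*\)$/.test(filter);
}
function preflight(cfg) {
  const findings = [];
  for (const key of REQUIRED) {
    if (cfg[key] === undefined || cfg[key] === '') findings.push(`missing or empty: ${key}`);
  }
  for (const key of ['usersearchscope', 'groupsearchscope']) {
    if (!SCOPES.includes(cfg[key])) findings.push(`invalid scope: ${key}`);
  }
  for (const key of ['userfilter', 'groupfilter']) {
    if (cfg[key] && !balancedFilter(String(cfg[key]))) findings.push(`malformed filter: ${key}`);
  }
  // Without TLS the bind DN password and each user's password cross the network in cleartext.
  if (cfg.tls !== true) findings.push('cleartext: tls is not enabled');
  // 636 is the conventional LDAPS port; plaintext LDAP aimed at it will not connect.
  if (cfg.tls === false && cfg.port === 636) findings.push('protocol mismatch: tls off on port 636');
  if (/^(password|changeme|secret)$/i.test(String(cfg.binddnpassword))) {
    findings.push('weak bind password: placeholder value');
  }
  return findings;
}
// Constructed sample: the values shown on this page.
const sample = {
  name: 'openldap', type: 'ldap2307bis', host: 'ldap.example.com', port: 389, tls: false,
  binddn: 'cn=system,dc=example,dc=com', binddnpassword: 'password',
  usersearchbasedn: 'ou=people,dc=example,dc=com', usersearchscope: 'sub',
  userfilter: '(objectclass=posixaccount)', userattrid: 'uidnumber', userattrusername: 'uid',
  userattrfirstname: 'givenname', userattrlastname: 'sn',
  groupsearchbasedn: 'ou=groups,dc=example,dc=com', groupsearchscope: 'sub',
  groupfilter: '(objectclass=posixgroup)', groupattrname: 'cn', groupattruser: 'dn',
  groupattrtype: 'member',
};
// Constructed hardened variant (assumes the server offers LDAPS on 636).
const hardened = { ...sample, port: 636, tls: true, binddnpassword: 'constructed-Long-Random-Value-1' };
console.log(preflight(sample), preflight(hardened));
```

The page's sample values produce two findings (cleartext transport and a placeholder bind password); the hardened variant produces none.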