Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview

Your Cloud Management Platform (CMP) can accept Lightweight Directory Access Protocol (LDAP) authentication if your organization had implemented remote authentication. The CMP portal can be configured to accept remote authentication providers like:

  • Lightweight Directory Access Protocol or LDAP 
  • Microsoft Azure Active Directory

Whenever a user attempts to log in to your CMP portal, the portal authenticates the user against their LDAP or Microsoft Azure Active Directory. If authentication is:

  • Successful: the user is logged into the CMP portal.
  • Unsuccessful: CMP portal will verify the credentials against the database.

When to use remote authentication providers?


Info

The process for configuring Microsoft Azure Active Directory account to support LDAP is beyond the scope of this document. Refer to the Microsoft Support Documentation, to know more about the process. 

You can use remote authentication providers to:

  • Set up specific configurations for Individual Users or User Groups within your CMP portal.
  • Verify the CMP user credentials against your corporate LDAP directory.
  • Prevent performance issues that arise out of downloading large groups-related information from your LDAP directory.

Enable LDAP 

To enable LDAP on your CMP portal:

  1. Login to your CMP portal.
  2. Navigate to Administration>Users>Identity Provider>New>LDAP/AD.
  3. Click LDAP/AD. You'll be redirected to the LDAP/AD Authentication Provider Details page. 
  4. Complete the fields with information specific to your LDAP or Microsoft Azure Active Directory account. Refer to the field description table below: 
Field Name                                                            Connection Details
Provide your organization's LDAP/AD URL.
Name Provide a name for your connection to help you identify the directory.
LDAP Bind User DN 

Provide an LDAP Bind User DN. This is the User Name a user needs to provide at the time of logging into the CMP portal. By default, the User Bind DN lets you authenticate the login and password change operations.

LDAP Bind Password Provide the LDAP Bind Password. This is the user's login password.
Base Details
Filter 

Provide filter, if any.

Base DN 

Provide the value for the root distinguished name (DN) that needs to be used while running queries against the directory server.

Examples

  • o=example,c=com
  • cn=users,dc=ad,dc=example,dc=com

For Microsoft Active Directory, specify the base DN in the following format: 

  • dc=domain1,dc=local.

You will need to replace domain1 and local with your environment-specific configuration.
Microsoft Server has a "ldp.exe" tool that lets you find and configure your LDAP server structure. 

ADFS Details
ADFS Login URL

Enter the URL and Partner URL for your Identity Provider.

Providing the Active Directory Federation Services (ADFS) Login URL, lets you log in to your Identity Provider using a single sign-on (SSO.)  

Relying Party IDEnter the details of the Relying Party ID.

5. Click Save Changes. You can now import users from your remote authentication provider account.

6. Click Test Connection. If the details you entered are correct, you'll get a Connection Successful and Base DN Verified status message to the right.  

  • No labels

© 2020 CloudSphere