LDAP
Jump to navigation
Jump to search
Overview
Fusion Registry can use LDAP as the authorization mechanism
Defining an LDAP connection
Specifying the Connection Details
On the page page Security -> Authentication Service ensure the drop-down states "LDAP". The following fields are presented.
| Item | Description |
|---|---|
| Protocol and hostname | Mandatory Either select ldap or ldaps (LDAP over SSL) in the left-side drop-down. In the input field, enter the server and if necessary port number. E.g. localhost:10389 |
| Base DN | The Base Distinguished Name identifies the entry in the directory from which searches initiated by LDAP clients occur. E.g dc=metdatatechnology,dc=com |
| Manager DN | The manager DN used for querying the directory server and so this user must have privileges to search the directory. E.g. cn=admin,dc=metdatatechnology,dc=com |
| Manager Password | The password for the manager account |
| User Search Base | The starting point the LDAP server uses when searching for users authentication within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| User Search Filter | Used to identify the users under the User Search Base by a particular criteria. This is often likely to be: uid={0} |
| Group Search Base | The starting point the LDAP server uses when searching for groups within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search for groups under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| Group Search Filter | Used to identify the groups under the Group Search Base by a particular criteria. E.g. member={0} |
| Role Prefix | An optional prefix which will be prepended to Granted Authority values loaded from the directory. |
| UserID Attribute | Mandatory This is used to determine what value a user should be displayed as. It is likely this value will be uid |
Once the LDAP server has been set up correctly you should find that attempts to logon as a user from your LDAP directory may be refused permission due to lack of permissions.
The next step is to set up Fusion Security Manager.
