
LDAP

Introduction

LDAP is an open, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications because they ensure that information on users, systems, networks, services, and applications is shared throughout the network. A common use of LDAP is to provide a central place to store usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users.

Configuration File: server/dex/ldap.yaml

Restya Core LDAP Configuration

Server Details

host

  • The DNS name or IP address of the server and optional port of the LDAP server in the form "host:port"

insecureNoSSL

  • This field is required if the LDAP host is not using TLS (port 389).

baseDN

  • This is your search base for LDAP queries.
  • This should be at least your domain root (e.g., dc=domain,dc=local). You can define this as an Organizational Unit if you want to narrow down the search base (e.g., ou=team,ou=company,dc=domain,dc=local).

Connection details

usernamePrompt

  • The attribute to display in the password prompt.

username

  • You can use a field other than the username here. For a pre-Windows 2000 style login, use sAMAccountName; for a UPN-style login, use userPrincipalName.

filter

  • Enter a valid advanced filter, such as "(objectClass=person)", to filter users.

bindDN

  • Enter a valid user account/DN to pre-bind with if your LDAP server does not allow anonymous profile searches, or requires a user with specific privileges to search.

bindPW

  • Enter a password for the above Bind DN.

idAttr

  • You can use a field other than the id attribute here.

emailAttr

  • Attribute to map to user email address.

nameAttr

  • Attribute to map to user display name.
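
The fields above, shown as a weak configuration beside a hardened one. This is an added example, not taken from Restya's own files: every value is constructed, bindPW is a placeholder, and the nesting under config and userSearch follows dex's LDAP connector schema, which is an assumption about how server/dex/ldap.yaml is laid out.

```yaml
# Added example with constructed values. The nesting (config / userSearch)
# follows dex's LDAP connector schema and is an assumption about the layout
# of server/dex/ldap.yaml.

# Weak: plaintext LDAP, whole-domain search base, privileged bind account
config:
  host: ldap.domain.local:389
  insecureNoSSL: true              # bind DN password and user passwords are sent unencrypted
  bindDN: cn=Administrator,cn=Users,dc=domain,dc=local   # far more privilege than a search needs
  bindPW: "<bind-password-placeholder>"
  usernamePrompt: Username
  userSearch:
    baseDN: dc=domain,dc=local     # every matching object in the domain can log in
    filter: "(objectClass=person)"
    username: sAMAccountName
    idAttr: DN
    emailAttr: mail
    nameAttr: displayName
---
# Hardened: LDAP over TLS, search base narrowed to one OU, read-only bind account
config:
  host: ldap.domain.local:636      # TLS port, so insecureNoSSL stays false
  insecureNoSSL: false
  bindDN: cn=svc-restya-ro,ou=service,dc=domain,dc=local  # hypothetical account with search rights only
  bindPW: "<bind-password-placeholder>"
  usernamePrompt: Username
  userSearch:
    baseDN: ou=team,ou=company,dc=domain,dc=local   # only this OU is searched
    filter: "(objectClass=person)"
    username: sAMAccountName       # pre-Windows 2000 style; use userPrincipalName for UPN logins
    idAttr: DN
    emailAttr: mail
    nameAttr: displayName
```

Because bindPW is stored in this file in cleartext, restrict read access to the file to the account that runs the service.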