Skip to main content

GUEST/IDM/CONNECT

LDAP Configuration

Warning

The LDAP configuration must only be completed by a user with a fundamental understanding of an active directory system and the settings.

Note

This is only available to On-Premise customers.

Note

The LDAP (Lightweight Directory Access Protocol) is supported from IDM version 1.61.0 onwards.

Introduction into the IDM LDAP (Lightweight Directory Access Protocol), Field descriptions and how to access the LDAP configuration screen.

  • How to Access the LDAP configuration area

  • Overview and description of each field in the configuration area

  • How to configure the LDAP settings

  • How to bypass LDAP

LDAP Configuration Access
SSO_1.png

  • Select the Configuration/Settings icon, located at the top right of the screen.

  • Select the System Settings section.

  • Select the Third Party Authentication and toggle the option to select LDAP.

  • Enter the Third Party Authentication section to manage the configuration process.

  • If changes or updates are to be made to the LDAP settings, scroll down to the bottom of the LDAP configuration screen and select Edit. If no changes are required select Back to exit the configuration screen.

  • There is the option to test the LDAP configuration settings prior to confirming changes with the Save button.

    • Select the Test edited LDAP Configuration button.

    • If there are no missing fields or any issues found with the configuration a green box stating LDAP configuration is valid! will be shown on the screen.

    • If there are missing fields or issues found with the configuration a red box stating the issue or highlighting the missing field will be shown on the screen.

  • After the completion of any changes or updates made to the LDAP settings select Save to save and apply the changes or updates, or select Cancel to discard any changes or updates made.

LDAP Configuration Screen Descriptions

Note

Required fields are indicated with a red Asterisk.

A brief description of each LDAP configuration screen field.

This information is available by selecting the Toggle Help icon. Toggle_help.png

LDAP1_1.png
Guide to the LDAP (Lightweight Directory Access Protocol) configuration

Warning

It is strongly recommended to set at least one account to Allow LDAP Bypass while configuring LDAP to prevent the risk of being locked out of your account. This can be done via the IDM tab once LDAP has been enabled.

Warning

The user must be a System Administrator to perform the following steps.

Note

Required fields are indicated with a red Asterisk.

  • Domain Name: Provide the users unique domain name used when logging into Symmetry Connect.

    LDAP3_1.png

  • Host Name: Provide the correct server name or IP address that the user wants to connect to.

    Network_parameters_1.png

  • Port: Provide the port number Symmetry Connect must use for communication with the domain using LDAP, which is used for single-sign on.

    The default when SSL encryption is not used is 389.

    The default port number when SSL is used is 636.

  • Encryption: Select either SSL or None.

    Symmetry Connect uses SSL Encryption for communications with the global catalog.

    Network_parameters_2.png

  • Authentication Method: Select the authentication method required for searching the user directory.

    Select either Simple or None.

    directory_browsing_2.png

  • Bind DN or User: Provide a distinguished name or username for a user with the correct read rights to access the user directory.

  • Bind Password: Provide the users password.

    directory_browsing_1.png

  • Test Edited LDAP Configuration: Test the configuration settings.

    • If there are no missing fields or any issues found with the configuration a green box stating LDAP configuration is valid! will be shown on the screen.

      Pass__1_.png

    • If there are missing fields or issues found with the configuration a red box stating the issue or highlighting the missing field will be shown on the screen.

      Pass__3_.png

  • Bind Users Base DN: Provide the users base distinguished name.

  • User Name Attribute: Provide the directory user attribute storing username.

    user_authentication_parameters.png

  • IDM Attribute: Provide the directory users attributes in order to match a unique Symmetry Connect identity. More than 1 attribute can be used by selecting the Add a ROW button.

    The user must select at least one IDM attributes, the ability to select several attributes is also supported.

    For example:

    • Email

    • Employee Number

    • Last Name

      IDM_to_LDAP_mapping_2.png

  • LDAP Attribute: Provide the LDAP attribute that correlates directly with IDM attribute.

    IDM_to_LDAP_mapping_1.png

  • After the completion of any changes or updates made to the LDAP settings select Save to save and apply the changes or updates, or select Cancel to discard any changes or updates made.

    • Select the IDM tab at the top of the screen.

    • Select the Identities tab.

    • Navigate to the Login Credentials section on the Identity screen and click on the Edit button.

      SSO_7.png

    • Toggle the Allow Third Party Authentication Bypass button to either On or Off as required.

      Note

      The change will be confirmed with a note (Updated Third Party Authentication Bypass) in the top right corner of the screen, as shown in the graphic below.

      SSO_8.png

    • Provide user credential details to the blank fields and then click the Save button to confirm and apply the change.

      • Login Name:Users login name

      • Password: Users password

      • Confirm Password: Users Password (this field must match the password field)

In this section: