Difference between revisions of "LDAP Connection"
Jump to navigation
Jump to search
(→Setting up an LDAP connection) |
|||
| Line 38: | Line 38: | ||
|- | |- | ||
|Role Prefix | |Role Prefix | ||
| − | | | + | |An optional prefix which will be prepended to Granted Authority values loaded from the directory. |
|- | |- | ||
|UserID Attribute | |UserID Attribute | ||
Revision as of 08:28, 7 April 2022
Overview
Fusion Metadata Registry can use LDAP as the authorization mechanism
Setting up an LDAP connection
On the page page Security -> Authentication Service ensure the drop-down states "LDAP". The following fields are presented.
| Item | Description |
|---|---|
| Protocol and hostname | Mandatory Either select ldap or ldaps (LDAP over SSL) in the left-side drop-down. In the input field, enter the server and if necessary port number. E.g. localhost:10389 |
| Base DN | The Base Distinguished Name identifies the entry in the directory from which searches initiated by LDAP clients occur. E.g dc=metdatatechnology,dc=com |
| Manager DN | The manager DN used for querying the directory server and so this user must have privileges to search the directory. E.g. cn=admin,dc=metdatatechnology,dc=com |
| Manager Password | The password for the manager account |
| User Search Base | The starting point the LDAP server uses when searching for users authentication within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| User Search Filter | Used to identify the users under the User Search Base by a particular criteria. This is often likely to be: uid={0} |
| Group Search Base | The starting point the LDAP server uses when searching for groups within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search for groups under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| Group Search Filter | Used to identify the groups under the Group Search Base by a particular criteria. E.g. member={0} |
| Role Prefix | An optional prefix which will be prepended to Granted Authority values loaded from the directory. |
| UserID Attribute | Mandatory This is used to determine what value a user should be displayed as. It is likely this value will be uid |
