Difference between revisions of "LDAP Connection"
Jump to navigation
Jump to search
(→Setting up an LDAP connection) |
(→Setting up an LDAP connection) |
||
| Line 17: | Line 17: | ||
|- | |- | ||
|Base DN | |Base DN | ||
| − | |The | + | |The Base Distinguished Name identifies the entry in the directory from which searches initiated by LDAP clients occur. E.g dc=metdatatechnology,dc=com |
|- | |- | ||
|Manager DN | |Manager DN | ||
| − | | | + | |The manager DN used for querying the directory server and so this user must have privileges to search the directory. E.g. cn=admin,dc=metdatatechnology,dc=com |
|- | |- | ||
|Manager Password | |Manager Password | ||
| − | | | + | |The password for the manager account |
|- | |- | ||
|User Search Base | |User Search Base | ||
| − | | | + | |The starting point the LDAP server uses when searching for users authentication within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
|- | |- | ||
|User Search Filter | |User Search Filter | ||
| − | |User Search | + | |Used to identify the users under the User Search Base by a particular criteria. This is often likely to be: uid={0} |
|- | |- | ||
|Group Search Base | |Group Search Base | ||
| − | | | + | |The starting point the LDAP server uses when searching for groups within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search for groups under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
|- | |- | ||
|Group Search Filter | |Group Search Filter | ||
| − | |Group Search | + | |Used to identify the groups under the Group Search Base by a particular criteria. E.g. member={0} |
|- | |- | ||
|Role Prefix | |Role Prefix | ||
| Line 41: | Line 41: | ||
|- | |- | ||
|UserID Attribute | |UserID Attribute | ||
| − | |'''Mandatory''' This is used to determine. It is likely this value will be '''uid''' | + | |'''Mandatory''' This is used to determine what value a user should be displayed as. It is likely this value will be '''uid''' |
|} | |} | ||
== Example using OpenLDAP == | == Example using OpenLDAP == | ||
Revision as of 09:25, 7 April 2022
Overview
Fusion Metadata Registry can use LDAP as the authorization mechanism
Setting up an LDAP connection
On the page page Security -> Authentication Service ensure the drop-down states "LDAP". The following fields are presented.
| Item | Description |
|---|---|
| Protocol and hostname | Mandatory Either select ldap or ldaps (LDAP over SSL) in the left-side drop-down. In the input field, enter the server and if necessary port number. E.g. localhost:10389 |
| Base DN | The Base Distinguished Name identifies the entry in the directory from which searches initiated by LDAP clients occur. E.g dc=metdatatechnology,dc=com |
| Manager DN | The manager DN used for querying the directory server and so this user must have privileges to search the directory. E.g. cn=admin,dc=metdatatechnology,dc=com |
| Manager Password | The password for the manager account |
| User Search Base | The starting point the LDAP server uses when searching for users authentication within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| User Search Filter | Used to identify the users under the User Search Base by a particular criteria. This is often likely to be: uid={0} |
| Group Search Base | The starting point the LDAP server uses when searching for groups within your directory. This works in tandem with the base DN. E.g A value of "ou=people" would search for groups under "ou=people" under the Base DN "dc=metdatatechnology,dc=com" |
| Group Search Filter | Used to identify the groups under the Group Search Base by a particular criteria. E.g. member={0} |
| Role Prefix | |
| UserID Attribute | Mandatory This is used to determine what value a user should be displayed as. It is likely this value will be uid |
