LDAP configuration

From Array Suite Wiki

Jump to: navigation, search

Contents

Support for Lightweight Directory Access Protocol (LDAP)

Overview

ArrayServer can check LDAP for users attempting to access ArrayServer resources. ArrayServer administrators can manage connection to LDAP in the Server tab, under Manage|Manage LDAP:

ManageLDAP Button.png

Tips.pngLDAP management is an add-on feature. Contact support@omicsoft.com for more details.


Options

ManageLDAP Window.png

This function window will edit ArrayServer.cfg to enable LDAP communication.

  • Host: The LDAP server address
  • Port: The LDAP server port
  • Secure Sockets Layer (SSL): Use SSL encryption for communications with LDAP server
  • Service account DN: The account name to connect to the LDAP server for searching users (requires the full DN)
  • Service account password: The password for the service account
  • Show password: Toggles display of the entered password in this window
  • Base DN: The LDAP Tree base, where users will be searched from
  • User ID attribute name: The attribute that will be matched against the ArrayServer user's ID
  • Use LDAP for group management: Import LDAP groups, and assign users according to LDAP group membership
    • LDAP groups will be prefixed with ldap_
  • Group attribute name: the attribute defining group membership
  • Only import the below groups from LDAP server: Restrict the LDAP groups to the listed groups (comma or new line separated)

When using LDAP, by default, new users will not be added to ArrayServer user groups (e.g. "Standard Users"). The ArrayServer parameter DefaultUserGroups can be set to specify the default group assignment.

After setting these parameters, please restart ArrayServer in GUI or from command line.

Results

After restarting ArrayServer, users should log in with the User ID in the LDAP directory.

LDAPUserGroups.png

EnvelopeLarge2.png