LDAP configuration

From Array Suite Wiki



Support for Lightweight Directory Access Protocol (LDAP)


ArrayServer can check LDAP for users attempting to access ArrayServer resources. ArrayServer administrators can manage the connection to LDAP in the Server tab, under Manage|Manage LDAP:


Tip: LDAP management is an add-on feature. Contact support@omicsoft.com for more details.



The settings entered in this window are written to ArrayServer.cfg to enable LDAP communication.

  • Host: The LDAP server address
  • Port: The LDAP server port
  • Secure Sockets Layer (SSL): Use SSL encryption for communications with LDAP server
  • Service account DN: The account name to connect to the LDAP server for searching users (requires the full DN)
  • Service account password: The password for the service account
  • Show password: Toggles display of the entered password in this window
  • Base DN: The LDAP Tree base, where users will be searched from
  • User ID attribute name: The attribute that will be matched against the ArrayServer user's ID
  • Use LDAP for group management: Import LDAP groups, and assign users according to LDAP group membership
    • LDAP groups will be prefixed with ldap_
  • Group attribute name: The attribute defining group membership
  • Only import the below groups from LDAP server: Restrict the LDAP groups to the listed groups (comma or new line separated)

When using LDAP, by default, new users will not be added to ArrayServer user groups (e.g. "Standard Users"). The ArrayServer parameter DefaultUserGroups can be set to specify the default group assignment.

After setting these parameters, restart ArrayServer from the GUI or from the command line.

Tip: Additional configuration parameters can be specified in ArrayServer.cfg.


After restarting ArrayServer, users should log in with the User ID in the LDAP directory.



User ID <User ID> was not found in the LDAP server

Assuming that the User ID is in the LDAP server, double-check that the BaseDN specified is not overly restrictive. Search the LDAP directory directly with the same base DN and see whether the user is listed.
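One way to run the direct search described above, as an added example that is not part of the original wiki page or of ArrayServer: it assumes OpenLDAP's ldapsearch client is installed and that the SSL option corresponds to ldaps://. The function names are hypothetical, and the host, DNs and user ID are constructed sample values.

```shell
#!/bin/sh
# Added example: repeat the LDAP user lookup by hand with OpenLDAP's ldapsearch.
# Function names are hypothetical; hosts, DNs and user IDs are constructed samples.

# Build the server URI from the Host / Port / SSL settings.
# Assumption: the SSL option corresponds to LDAPS (ldaps://).
ldap_uri() {  # host port ssl(yes|no)
    if [ "$3" = "yes" ]; then scheme=ldaps; else scheme=ldap; fi
    printf '%s://%s:%s\n' "$scheme" "$1" "$2"
}

# Escape a value for use in a search filter (RFC 4515), so a user ID
# containing * ( ) or \ is matched literally instead of altering the filter.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Equality filter on the "User ID attribute name" setting.
user_filter() {  # attribute user_id
    printf '(%s=%s)\n' "$1" "$(ldap_escape "$2")"
}

# Search the whole subtree under the Base DN as the service account.
# -W prompts for the password, keeping it out of argv and shell history.
# Prints the number of matching entries; 0 means not found under this Base DN.
count_user_entries() {  # uri service_dn base_dn attribute user_id
    ldapsearch -x -LLL -H "$1" -D "$2" -W -b "$3" -s sub \
        "$(user_filter "$4" "$5")" dn | grep -c '^dn:'
}

# Run a lookup only when all seven arguments are given, e.g.:
#   sh check_ldap_user.sh ldap.example.com 636 yes \
#      "cn=svc-arrayserver,ou=Service,dc=example,dc=com" \
#      "ou=People,dc=example,dc=com" uid jdoe
if [ "$#" -eq 7 ]; then
    n=$(count_user_entries "$(ldap_uri "$1" "$2" "$3")" "$4" "$5" "$6" "$7")
    echo "entries matching $6=$7 under '$5': $n"
fi
```

A count of 0 with a narrow base DN and 1 with a broader one points to the Base DN setting; more than one match means the User ID attribute is not unique under that base.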

Failed to authenticate user <User ID>

Generally this means that the specified password for the user was incorrect. Check password entry carefully.