12.3.1. LDAP Connector

An LDAP connector allows you to:

  • Obtain information on users and groups from Active Directory or other LDAP servers. FreeIPA with an LDAP server is also supported.

  • Authorize UGMC users via Active Directory/FreeIPA domains.

To create an LDAP connector, click Add, select Add LDAP connector, and provide the following settings:

Name

Description

Enabled

Enables or disables the use of this authentication server.

Name

The name of the authentication server.

SSL

This specifies whether SSL is required to connect to the LDAP server.

LDAP domain name or IP address

The IP address of the domain controller, the domain controller FQDN or the domain FQDN (e.g., test.local). If the domain controller FQDN is specified, UserGate will obtain the domain controller's address using a DNS request. If the domain FQDN is specified, UserGate will use a backup domain controller if the primary one fails.

Bind DN ("login")

The username for connecting to the LDAP server. It must be in the DOMAIN\username or username@domain format. This user must already exist in the domain.

Password

The user's password for connecting to the domain.

LDAP domains

The list of domains served by the specified domain controller, e.g., in case of a domain tree or an Active Directory domain forest. Here you can also specify the short NetBIOS domain name.

Search roots

The list of LDAP server paths relative to which the system will search for users and groups. Specify the full name, e.g., ou=Office,dc=example,dc=com.

After creating a server, validate the settings by clicking Check connection. If the settings are correct, the system will confirm this; otherwise, it will report why it cannot connect.
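The format rules in the table above can be checked before the settings are entered. The following is an added example, not UserGate code: the dictionary keys are hypothetical names for the fields on this page, and the SSL finding assumes the connector authenticates with an LDAP simple bind.

```python
import re

# Bind DN formats the page accepts: DOMAIN\username or username@domain.
BIND_RE = re.compile(r"^(?:[^\\@/\s]+\\[^\\@/\s]+|[^\\@/\s]+@[^\\@/\s]+)$")
# One RDN of a search root, e.g. ou=Office (simplified: no escaped commas).
RDN_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=+]+$")


def check_connector(cfg):
    """Return a list of problems found in a dict of LDAP connector settings.

    Keys (ssl, server, bind_dn, password, search_roots) are hypothetical
    names for the fields described on this page, not UserGate API names.
    """
    problems = []
    if not cfg.get("ssl"):
        # Assumption: simple bind. Without TLS it sends the password in cleartext.
        problems.append("ssl: disabled, bind password is sent unencrypted")
    if not cfg.get("server", "").strip():
        problems.append("server: empty")
    if not BIND_RE.match(cfg.get("bind_dn", "")):
        problems.append("bind_dn: expected DOMAIN\\username or username@domain")
    if not cfg.get("password"):
        problems.append("password: empty")
    roots = cfg.get("search_roots", [])
    if not roots:
        problems.append("search_roots: none given")
    for root in roots:
        rdns = [part.strip() for part in root.split(",")]
        if not all(RDN_RE.match(rdn) for rdn in rdns):
            problems.append(f"search_roots: {root!r} is not a full DN")
    return problems


if __name__ == "__main__":
    # Constructed sample settings, using the example values from this page.
    sample = {
        "ssl": False,
        "server": "test.local",
        "bind_dn": "cn=svc,dc=example,dc=com",  # wrong format for this field
        "password": "constructed-placeholder",
        "search_roots": ["ou=Office,dc=example,dc=com", "Office"],
    }
    for problem in check_connector(sample):
        print(problem)
```

A clean result only means the values are well formed; Check connection is still what confirms that the server accepts them.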

The LDAP connector configuration is now complete. When logging in to the console, LDAP users should specify their user names in the following formats:

domain\user/system or user@domain/system