Connect to LDAP identity source

1

Fill in LDAP Server configuration in GenAuth

2

Create an application in GenAuth

3

Log in using LDAP user directory

4

Import organizations from LDAP user directory

Fill in your LDAP Server configuration in GenAuth

Add LDAP service

Add LDAP service

Add LDAP service page

Fill in relevant information

Fill in the relevant information in the pop-up dialog box. If you don’t know how to fill in, you can click "Click here" to fill in the test configuration information.

LDAP service information test

Use the LDAP service information we provide

Parameter explanation

  1. LDAP alias, required, custom LDAP service name
  2. LDAP link, required, LDAP server address, such as: ldap://dc.fabrikam.com
  3. Base DN, required, used to connect to LDAP The username will be used to test the connection result and search for users or user groups.
  4. Password, required, password for connecting to LDAP, the password will be encrypted and stored in the database.
  5. Binding endpoint, required, defines which directory to start searching from, such as: dc=fabrikam,dc=local
  6. Query condition, required, if it is mail, it means that the query of user information is through the mailbox information. Note that the field information corresponds to the field where the LDAP database stores data. If the field storing the user's mailbox information is email, it needs to be changed to email here.

Connectivity Test

Connectivity test can help you check whether the parameters are filled in correctly. If you fill in the "Test Configuration", then click "Connectivity Test" on the page and you should see the following results:

Connectivity Test

You can use this test to test different Base DN and Password.

Verify User

Verifying the user can help you check whether the query conditions are correct. If the query conditions are incorrect, an error that the user cannot be found will be returned.

The test username we gave is admin, the password is admin, and the query condition is cn, which is the default account and password information provided by openLDAP. After clicking "Verify User", you should see the following result:

Verify User

If you change the query condition from cn to cnn, the following result should be returned at this time:

Query Condition Test

Users can use this method to complete the debugging of LDAP by modifying binding endpoint and query condition.

After the configuration is completed, you can log in with the LDAP account by accessing any OAuth application or OIDC application.

We have prepared an LDAP test application (opens new window) for you to experience the whole process of logging in with LDAP:

Test account: admin

Test password: admin

Back to list