Configuring LDAP Authentication
Implementation of Suite with LDAP (Lightweight Directory Access Protocol) requires that the LDAP administrator create an object of class type “group” (in Active Directory) or “groupofnames” (in OpenLDAP) specific to the Suite. The distinguished name of this group (for example: bridgeway) will be added to the configuration settings within Suite Manager. Members of this group will be given access to the Suite. Access to specific Suite applications is maintained within Suite Manager.
Users who are not mapped to an LDAP user can still log in as long as they have a valid ID and password stored in the Suite’s user table. The program will check for the Distinguished Name first to validate against LDAP; if not found, then it will authenticate against the user table.
To configure LDAP:
- Open Suite Manager.
- On the Suite Manager control panel, click the Authentication component in the Security area.
- On the LDAP Integration tab of the Authentication window, click on the LDAP integration enabled checkbox to select it.
- Enter information concerning the server on which LDAP is installed and the user account/password information used to log in.
Make sure that spaces are not included after the comma when specifying any LDAP domain, user domain, or access group.
- If using MD5 encryption, put a tilde (~) at the beginning of the server’s name.
- In the Server Specifics area, select the type of directory service (such as Microsoft Active Directory or Open LDAP) used by the operating system on the server.
- If encryption should be used, click on the checkbox, then enter a domain and domain controller name.
- In the Default User Profile area, select a user account whose settings will be copied to create a first-time user account when logging into a Suite application via LDAP. Selecting <None> will disable automatic user account generation.
- Click Save.
- Click Test LDAP Integration.
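The note above about spaces after commas can be checked before the values are typed into Suite Manager. The following is an added example, not part of the Suite or its documentation: it assumes the LDAP domain, user domain and access group are entered as comma-separated distinguished-name strings, and the sample values and function names are constructed for illustration. Commas escaped with a backslash inside a value are not treated as separators.

```python
def split_dn(dn):
    """Split a DN on unescaped commas; a backslash escapes the next character."""
    parts, current, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current += dn[i:i + 2]  # keep the escape pair intact
            i += 2
        elif dn[i] == ",":
            parts.append(current)
            current = ""
            i += 1
        else:
            current += dn[i]
            i += 1
    parts.append(current)
    return parts


def check_dn(dn):
    """Return (problems, fixed): spaces found after separators, and the DN without them."""
    problems, fixed = [], []
    for index, rdn in enumerate(split_dn(dn)):
        stripped = rdn.lstrip() if index > 0 else rdn
        if stripped != rdn:
            problems.append(f"whitespace after comma before {stripped!r}")
        fixed.append(stripped)
    return problems, ",".join(fixed)


# Constructed sample values; the labels follow the settings named in the note (assumption).
SAMPLE_SETTINGS = {
    "LDAP domain": "dc=example,dc=com",
    "User domain": "ou=Users, dc=example, dc=com",
    "Access group": r"cn=bridgeway,ou=Groups\, Legal,dc=example,dc=com",
}


def check_settings(settings):
    """Map each field that has a problem to (problems, corrected value)."""
    report = {}
    for field, value in settings.items():
        problems, fixed = check_dn(value)
        if problems:
            report[field] = (problems, fixed)
    return report


if __name__ == "__main__":
    for field, (problems, fixed) in check_settings(SAMPLE_SETTINGS).items():
        print(f"{field}: {len(problems)} issue(s); use {fixed!r}")
```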