Skip to main content
Skip table of contents

Basic Details

  1. Fill in all the necessary data and settings.

ldap basic.png
  1. Press Save button to cave changes.

Form items explanation:

Name

Basic Description

Default Value

Advanced Description

Id

LDAP Connection ID

dev.local

Unique LDAP connection ID

URL

LDAP Connection url (ldap://[hostname/ip]:[port] or ldaps://[hostname/ip]:[port])

ldaps://10.79.5.196:636

URL to reach LDAP server. Multiple urls can be added separated by a space. The pool of connections will be initialised in a Round Robin manner using the configs.

Base DN

A distinguished name (DN) that identifies the starting point of a search

DC=dev,DC=local

Base DN for LDAP bind. Search starts in this OU.

Username

LDAP Server credentials username

ldap_bind_dev1@dev.local

username used for LDAP authentication

Password

LDAP Server credentials password

<password>

password used for LDAP authentication

Additional Filters

Filter query to be used on user filtering

additional filter to reduce search results - typically based on objectClass. This needs to be written with LDAP syntax. e.g. (!(objectclass=foreignSecurityPrincipal))

Connect Timeout (ms)

Connection timeout in miliseconds

5000

Read Timeout (ms)

Read timeout in miliseconds

5001

Domain Pattern

dev.local

Domain pattern used in a search query.
For example user user@dev.local will use this ldap connection when domain pattern is set to *.dev.local.
In case of multiple values, use comma (,) as separator.

Query nested groups

Active Directory specific flag indicating if the list of user groups will be computed by flattening the hierarchical tree

OFF

In case of complex group hierarchy slows down queries. Recommend to switch off.

Has groups with foreign users

ON

When set, groups from non-local (foreign) domains will be also included.

Draft connection

Flag that indicates if the connection should be disabled

OFF

Draft connection means not used (disabled).

Accept all certificates (not recommended)

Disables certificate verification during SSL/TLS handshake, ignoring expired or not trusted certificates

OFF

Not recommended - significantly reduce security.

Disable hostname verification (not recommended)

Disables hostname verification during SSL/TLS handshake

OFF

Not recommended - significantly reduce security. Certificate must contain DNS name used in URL parameter. Must be switched on in case of IP address used in URL.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.