You can add users using LDAP authentication.
Note: users can belong both to root domain and to subdomains. If you need to add users from subdomains, use Global Catalog.
To connect to the LDAP server:
In the left menu select Admin > LDAP;
Turn on LDAP connection;
Fill all the required fields:
ldap
or secure ldaps
);Note: when you add users from subdomains, use Global Catalog ports – 3268 or 3269.
DC=host,DC=test,DC=domain
;CN=U.ApiaryBlocked,CN=Users,DC=dc,DC=corp,DC=hexway,DC=com
userPrincipalName
format (e.g. t.adm@test.domain
), but you can also use distinguished name;(objectClass=*)
– the search will be done through all the available entries;(&(objectClass=user)(loginAttr=login))
– the search will be done through the objects with corresponding attribute values;Note: in most cases, the right User filter's value is
user
, but if your LDAP server is not standard, try other variants.
CN=U.ApiaryAdmins,CN=Users,DC=dc,DC=corp,DC=hexway,DC=com
Note: in most cases, the right Group filter's value is
(objectClass=group)
, but if your LDAP server is not standard, try other variants.
sAMAccountName
– corresponds with the login format like t.adm
;userPrincipalName
– corresponds with the login format like t.adm@test.domain
;Note: if you want to connect only to subdomain, use login in the
userPrincipalName
format (e.g.t.adm @test.domain
).
givenName
);sn
).Click Test connection, to check the connection to the LDAP server. If settings are correct, you will see Connection established:
i
to view all available users:Click Save. User will appear on Users tab after the first login to the platform.
Note: after saving LDAP settings, you will not be able to add local users to the Platform.
Unprocessed Continuation Reference(s)
error can occur when system addresses to the domain with subdomains and without Global Catalog role (e.g., to the port number 389 with values DC=test,DC=domain
in Base DN field).
To solve this error, you should indicate more specific value in the field Base DN, e.g. CN=users,DC=test,DC=domain
.