Support for Lightweight Directory Access Protocol (LDAP)

Overview

OmicSoft Server can check LDAP for users attempting to access OmicSoft Server resources. OmicSoft Server administrators can manage the connection to LDAP in the Server tab, under Manage|Manage LDAP:

Note: LDAP management is an add-on feature. Contact ts-bioinformatics@qiagen.com for more details.

Options

This function window will edit ArrayServer.cfg to enable LDAP communication.

  • Host: The LDAP server address
  • Port: The LDAP server port
  • Secure Sockets Layer (SSL): Use SSL encryption for communications with the LDAP server
  • Service account DN: The account name to connect to the LDAP server for searching users (requires the full DN)
  • Service account password: The password for the service account
  • Show password: Toggles display of the entered password in this window
  • Base DN: The LDAP Tree base, where users will be searched from
  • User ID attribute name: The attribute that will be matched against the OmicSoft Server user's ID
  • Use LDAP for group management: Import LDAP groups, and assign users according to LDAP group membership
    • LDAP groups will be prefixed with ldap_
  • Group attribute name: The attribute defining group membership

When using LDAP, by default, new users will not be added to OmicSoft user groups (e.g. "Standard Users"). A parameter in the ArrayServer.cfg Configuration File can be set to specify the default group assignment.

After setting these parameters, please restart OmicSoft Server.

Note: Additional configuration parameters can be specified in the ArrayServer.cfg Configuration File, such as restricting access to only members of defined subgroups.

Results

After restarting OmicSoft Server, users should log in with the User ID in the LDAP directory.

Troubleshooting

User ID User ID was not found in the LDAP server

Assuming that the User ID is in the LDAP server, double-check that the Base DN specified is not overly restrictive. Directly search the LDAP directory with the base DN and see if the user is listed.
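The direct search described above can be scripted. The following is an added example, not OmicSoft code: it builds an OpenLDAP ldapsearch command from the Manage LDAP fields, escapes the User ID for the filter, and checks whether a known user DN falls under the configured Base DN. The function names, the example.org values, the use of the OpenLDAP client and the subtree scope are assumptions.

```python
import shlex

# Characters RFC 4515 requires to be escaped inside a filter value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_filter_value(value):
    """Escape a user ID so it cannot alter the structure of the search filter."""
    return "".join(_ESC.get(ch, ch) for ch in value)

def split_dn(dn):
    """Split a DN into lowercased RDNs, keeping backslash-escaped commas intact.
    Assumes case-insensitive values and single-valued RDNs (no '+')."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):   # escaped pair, e.g. "\,"
            cur, i = cur + dn[i:i + 2], i + 2
        elif dn[i] == ",":                      # unescaped comma ends an RDN
            rdns, cur, i = rdns + [cur], "", i + 1
        else:
            cur, i = cur + dn[i], i + 1
    rdns.append(cur)
    return [f"{a.strip().lower()}={v.strip().lower()}"
            for a, _, v in (r.partition("=") for r in rdns)]

def is_under_base(entry_dn, base_dn):
    """True if entry_dn sits at or below base_dn, compared RDN by RDN."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def ldapsearch_argv(host, port, use_ssl, bind_dn, base_dn, uid_attr, user_id):
    """Build an OpenLDAP ldapsearch command from the Manage LDAP fields."""
    scheme = "ldaps" if use_ssl else "ldap"
    return ["ldapsearch", "-x", "-H", f"{scheme}://{host}:{port}",
            "-D", bind_dn, "-W",         # -W prompts, keeping the password out of argv
            "-b", base_dn, "-s", "sub",  # subtree scope is an assumption
            f"({uid_attr}={escape_filter_value(user_id)})",
            "1.1"]                       # "1.1" = return DNs only, no attributes

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    base = "ou=Research,dc=example,dc=org"
    print(shlex.join(ldapsearch_argv("ldap.example.org", 636, True,
          "cn=svc-omicsoft,ou=Service,dc=example,dc=org", base, "uid", "jdoe")))
    # Compare a DN found with a wider search against the configured Base DN.
    print(is_under_base("uid=jdoe,ou=Sales,dc=example,dc=org", base))
```

If the search returns no entry under the configured Base DN but a search from a higher base does, the Base DN is too narrow for that user.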

Failed to authenticate user User ID

Generally this means that the specified password for the user was incorrect. Check the password entry carefully.

Please check with your OmicSoft Administrator to get added to the appropriate LDAP user Group for access

If you enabled RestrictAccessToLdapGroupMembers, this means the user is not a member of "IncludeGroups" in ArrayServer.cfg. See ArrayServer.cfg Configuration File for details.