
Authentication Types - LDAP

Form Fields

  • Name - The name of the authentication profile.

  • Status - The status of the authentication profile.

  • Primary Server - Primary server to be used for LDAP.

  • Secondary Server - Failover server to be used for LDAP.

  • Distinguished Name - The distinguished name pattern specific to your organization, with "%s" in place of the username. For example:

    CN=%s,CN=Users,DC=example,DC=com

  • Secure Connection - Connect over a secure connection. The options are:

    • None

    • LDAPS - Secure on connection

    • TLS - Negotiated

Best Practices

To set up LDAPS external authentication:

  • Get the CA certificate (or the self-signed certificate) for the LDAP server and place it in $A1BASEDIR/etc/ssl.

  • Create $A1BASEDIR/etc/ldap.conf with the following two lines, replacing $A1BASEDIR with the Assure1 install directory (e.g. /opt/assure1) and $LDAP_CA_CERT with the exact file name of the CA certificate (e.g. FederosCA.pem):

    TLS_REQCERT never
    TLS_CACERT $A1BASEDIR/etc/ssl/$LDAP_CA_CERT
    
  • Restart the Assure1 web service:

    systemctl restart assure1-web
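
The shell check below is an added example, not part of the Assure1 documentation: it audits the ldap.conf written in the steps above and flags `TLS_REQCERT never`, under which an OpenLDAP client neither requests nor checks the server certificate, so the file named by `TLS_CACERT` is not used to validate the LDAP server. The function names and the PEM marker test are choices made for this example, and it assumes the file is read with standard OpenLDAP client semantics.

```shell
#!/bin/sh
# Added example: audit the two TLS directives in an OpenLDAP-style ldap.conf.
# Returns 0 only when a bad server certificate would be rejected and the
# CA file named by TLS_CACERT exists and holds a PEM certificate.

# Print the value of the last occurrence of a directive (names are case-insensitive).
ldap_conf_get() {  # usage: ldap_conf_get FILE DIRECTIVE
    awk -v key="$2" 'toupper($1) == toupper(key) { val = $2 } END { print val }' "$1"
}

audit_ldap_conf() {  # usage: audit_ldap_conf FILE
    conf=$1; rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }
    reqcert=$(ldap_conf_get "$conf" TLS_REQCERT | tr '[:upper:]' '[:lower:]')
    cacert=$(ldap_conf_get "$conf" TLS_CACERT)

    case $reqcert in
        ''|demand|hard|try)   # unset means the OpenLDAP default, demand
            echo "OK: an invalid server certificate ends the session" ;;
        never|allow)
            echo "WARN: TLS_REQCERT $reqcert accepts any server certificate"; rc=1 ;;
        *)
            echo "FAIL: unknown TLS_REQCERT value '$reqcert'"; rc=1 ;;
    esac

    case $cacert in
        '')
            echo "FAIL: TLS_CACERT is not set"; rc=1 ;;
        *'$'*)   # ldap.conf does not expand shell variables
            echo "FAIL: placeholder not replaced in TLS_CACERT: $cacert"; rc=1 ;;
        *)
            if [ ! -r "$cacert" ]; then
                echo "FAIL: CA file $cacert is missing or unreadable"; rc=1
            elif ! grep -q -e '-----BEGIN CERTIFICATE-----' "$cacert"; then
                echo "FAIL: $cacert contains no PEM certificate"; rc=1
            else
                echo "OK: CA file $cacert is readable PEM"
            fi ;;
    esac
    return $rc
}

# Run against a file when one is given, e.g. sh audit.sh /opt/assure1/etc/ldap.conf
if [ "$#" -gt 0 ]; then audit_ldap_conf "$1"; fi
```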
    

Default Settings

  • Status: Disabled

  • Primary Server:

  • Secondary Server:

  • Distinguished Name:

  • Secure Connection: None

Reference

LDAP - Lightweight Directory Access Protocol is a lightweight client-server protocol for accessing directory services.
