Integrate LDAP IdP

¶ Add LDAP Service

¶ Parameter Explanation

1. LDAP Nickname: Required, the self-designed name of LDAP Service.
2. LDAP URL: Required, the address of the LDAP Service such as ldap://dc.fabrikam.com.
3. Base DN: Required, the username used to connect LDAP. This username will be used to test connection and search user or user groups.
4. Password: Required, the passwrod used to connect LDAP. This password will be encrypted and stored in the database.
5. Bind DN: Reuqired, the entry where the search starts such as: dc=fabrikam,dc=local.
6. Query Condition: Required, if the condition is mail, the user query will be based on the users' email. Attension, this field should be the same as the field in the LDAP database. For example, if "email" is used in LDAP to store users' mail, we should use email in this query condition as well.

¶ Connection Test

Using connection test can help you to check if there is any mistake in the configuration. If you complete the "test configuration" field, then click "Test" on the page and you can see following results:

You can use this test to test different Base DN and Password.

¶ Validate User

Validating users can help you check if the query condition is successful. If the condition is wrong, an error says the user cannot be found will be returned.

We are using admin`adminas the test username/password and usingcnas query condition, which is an default user provided byopenLDAP`. Click "Validate User" you will see such a result:

If we change query conditions from cn to cnn, the following result will be shown.

Users can use this way to complete the test by changing Base DN and Query Condition.

After the configuration is complete, you can use LDAP account to login any Oauth or OIDC application.