LDAP Configuration


EnOS Cloud enables the creation of users in conjunction with Lightweight Directory Access Protocol (LDAP).


You can manage the LDAP connections in EnOS. The following applies to the LDAP connections in EnOS.

  • An organization can connect to one or more LDAP servers. Each LDAP connection can be configured with multiple base DN accounts.
  • Multiple organizations can connect to the same LDAP server.

Main Concept

  • LDAP connection: The connection between the LDAP server and EnOS Cloud, which contains the configuration information of the LDAP server.

Target Audience

  • OU administrator

Prerequisites

  • You have an EnOS system administrator account and have all operation permissions for message push management. For more information, see Policies, Roles and Permissions.
  • You have an EnOS OU administrator account, and have been authorized by the system administrator with the operation permissions for configuring the email and SMS templates and quotes for the message push service. For more information, see Policies, Roles and Permissions.
  • Ensure that the LDAP server is running normally.
  • Ensure that you have the username and password of the administrator account of the LDAP server. This administrator account should have full access to all the base DNs.

Procedure: Establish Connection with LDAP Server

  1. In the EnOS Management Console, select Single Sign-On > LDAP Configuration.

  2. Click New LDAP and provide information for the following.

    • Basic Information

      • Name: The unique identification code for the LDAP connection.
      • Server URL: LDAP server IP address or URL.
      • Port: The port number of the LDAP server. This field is optional.
      • Base DN: The root distinguished name (DN) used when importing users from the LDAP directory server. Multiple base DNs can be configured under one LDAP server at a time. The semicolon (;) is used to separate base DNs. E.g. cn=users,dc=example,dc=com;ou=users,dc=example,dc=com.
      • Principle: The administrator account user name of the LDAP server.
      • Credential: The administrator account password of the LDAP server.
      • Filter: The conditional filter field of Base DN. E.g. FILTER=memberOf=CN=group,CN=developers,DC=example,DC=com.

      Note

      Ensure that the selected entries are all valid account entries.


    • Timeout Setting

      • Connection Timeout: The timeout duration for connecting to the LDAP service.
      • Read Timeout: The timeout duration for reading data from LDAP.


    • Attribute Mapping: The mapping relationship between the SSO service user attributes and the LDAP service user attributes.

      • SSO Attribute: Attribute to be mapped as the SSO service user attribute.
      • LDAP Attribute: The user attribute in the LDAP service.


  3. Click Test to test the LDAP connection.

    • If the test is successful, click Finish to create a new LDAP connection.
    • If the test fails, you need to modify the configuration information with reference to the corresponding prompts, and then resubmit it for testing.
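A pre-flight check for the Base DN field from step 2, as an added example (not EnOS code): it splits the value on semicolons, rejects malformed entries, and reports base DNs that sit inside another configured base DN. The function names are hypothetical, and the code assumes that EnOS splits on unescaped semicolons and searches the whole subtree under each base DN.

```python
import re

# One RDN such as "cn=users": attribute type, "=", non-empty value.
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=.+$")

def _split_unescaped(text, sep):
    """Split on sep, keeping backslash-escaped characters (RFC 4514) intact."""
    parts, buf, i = [], [], 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])   # keep the escape pair together
            i += 2
            continue
        if ch == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    parts.append("".join(buf))
    return parts

def parse_base_dns(field):
    """Return each base DN as a tuple of lowercased RDNs; raise ValueError if malformed."""
    result = []
    for raw in _split_unescaped(field, ";"):
        dn = raw.strip()
        if not dn:
            raise ValueError("empty base DN (stray semicolon?)")
        # Lowercasing is a simplification: it assumes case-insensitive matching.
        rdns = tuple(r.strip().lower() for r in _split_unescaped(dn, ","))
        bad = [r for r in rdns if not _RDN.match(r)]
        if bad:
            raise ValueError(f"malformed RDN {bad[0]!r} in {dn!r}")
        result.append(rdns)
    return result

def overlapping(dns):
    """Return (inner, outer) pairs where one base DN lies in another's subtree."""
    pairs = []
    for i, a in enumerate(dns):
        for j, b in enumerate(dns):
            if i != j and len(a) >= len(b) and a[len(a) - len(b):] == b:
                pairs.append((",".join(a), ",".join(b)))
    return pairs
```

An overlap means the same directory entries are reachable through two base DNs, so it is worth resolving before you click Test.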

Editing the LDAP Connection

  1. In the EnOS Management Console, select Single Sign-On > LDAP Configuration.
  2. Click the edit icon after the newly created LDAP connection in the list to edit the configurations of the LDAP connection.
  3. Click Save to complete the editing.