LDAP users and login#
Overview#
When creating a user and assigning the LDAP authorization method you will specify the LDAP server and the LDAP username.
The LDAP username corresponds to the login Attribute Name specified in the LDAP network connection.
Login URL#
LDAP users log in at the following URL: https://{host name}/login
LDAP username format#
When logging in with LDAP credentials, the username is in the following format: {user ID}[@hierarchy]
Regardless of the login Attribute Name specified in the LDAP network connection, the user email address can be used to log in.
Note
@hierarchyis not required when the user ID corresponds to the user’s email address.{user ID}corresponds to the login attribute name (for example, email address, user principal name, sAMaccountName). The login attribute name is configured in the Authentication attribute of the LDAP device connection associated with this hierarchy.The hierarchy is in dot notation and corresponds with the hierarchy to which the user belongs. The hierarchy level is the level at which the user is created.
LDAP authentication users#
LDAP-authenticated users can be located via the user management list views in VOSS. The list views include users that use LDAP for authentication only, and users that have been synced from LDAP.
View LDAP-authentication method users only: Filter the list views Sync Source columns to display only LDAP-synced users.
Add new LDAP user: On the user management forms, select Auth Method LDAP, then specify the LDAP server and LDAP username (these fields display only when LDAP is selected as the authentication method):
LDAP Server: The LDAP server being used for authentication.
LDAP Username: Matches the value of the LDAP authentication attribute, which is specified in the User Model Type field of the LDAP user sync configuration.
Note
LDAP username is editable when updating the user but you will need to also update the username on LDAP with the same change to prevent failed authentication.
Related topics