Introduction
LDAP authentication settings in the administration section allow system administrators to configure external authentication methods. LDAP (Lightweight Directory Access Protocol) helps organizations connect login access with their existing directory services. This ensures consistent credential use across systems.
Purpose
This section enables administrators to add and manage authentication methods based on LDAP. These settings are typically used in environments where identity management is centralized outside the application.
Authentication Modes Overview
Upon opening the section, the administrator sees a list of configured authentication modes. Each row displays the current connection settings and usage overview.
| Column | Description |
|---|---|
| Name | The custom name of the authentication configuration. |
| Type | Authentication type – in this case, LDAP. |
| Host | The server address of the LDAP service. |
| Users | Number of users linked to the mode. |
| Available users | Number of available user accounts in the connected directory. |
Creating a New Authentication Mode
Clicking the New authentication mode button opens the setup form for a new LDAP connection. Administrators must provide the necessary server connection details and attribute mapping.
Connection Settings
| Field | Description |
|---|---|
| Name | Name of the authentication mode (used internally). |
| Host | Server address of the LDAP provider. |
| Port | Typically 389 (LDAP) or 636 (LDAPS). |
| Account | LDAP bind user (optional depending on LDAP setup). |
| Password | Password for the bind user (optional). |
| Base DN | Base distinguished name to search users (e.g., dc=example,dc=com). |
| LDAP filter | Optional filter to narrow down user records. |
| Timeout (in seconds) | Connection timeout value. |
| On-the-fly user creation | If enabled, users are automatically created during first login. |
Attribute Mapping
| Attribute | Description |
|---|---|
| Login attribute | LDAP field used as login identifier (e.g., uid or cn). |
| Firstname attribute | LDAP field for user's first name (e.g., givenName or cn). |
| Lastname attribute | LDAP field for user's surname (e.g., sn). |
| Email attribute | LDAP field for user’s email (e.g., mail). |
