How to integrate LDAP with Sapho version 3.9 or greater

Last update:

Important Note

Before creating LDAP connector, connect to your LDAP server to verify your settings and find your User and Group object classes names.

In this guide we use jxplorer.org, an open source LDAP client, and these steps and screens may vary slightly depending on your LDAP client.

Step 1: Sign into LDAP server

Fill out the form with your credentials provided by your LDAP administrator and connect to LDAP server.

LDAP01.png

Step 2: Find your objectClass names

Navigate through tree entities structure and locate some user records you are interested in.

Investigate detail information about selected records (using table editor tab, context menu etc.). Search for object class name that user records have in common.

LDAP02.png

Then locate and investigate your Group records to find out their common object class name.

LDAP03.png

Typical names of object classes are:

  • for user: person, user, employee or posixAccount
  • for group: group, posixGroup

In examples above we found out that our users have common objectClass posixAccount (or inetOrgPerson) and groups have common objectClass posixGroup.

Step 3: Fill connector setup form

3.1 Use full URL with DN

An LDAP URL is a string that contains target DN of an entry within that server, or the criteria for performing a search within that server. Example: ldap://hostname.com/dc=ldap,dc=seconddomain,dc=maindomain,dc=com

3.2 Username and Password

These credential should be provided by your LDAP administrator.

3.3 User and Group object class

Use values you have found out in step 2.