How to configure LDAP

LDAP Management in GroundWork Monitor (Administration > LDAP) initially displays the authentication/authorization source options GroundWork (default) and LDAP/AD. LDAP configurations can be on or off (with saved configurations). For an LDAP configuration you will need the details for the domains you manage with LDAP/AD and contexts for users and groups to map to roles in GroundWork Monitor.

Adding a domain

  1. By selecting Administration > LDAP you will be presented with two authentication/authorization sources GroundWork and LDAP/AD. 
  2. GroundWork is the default authentication/authorization. It is also used as a fallback in the case where LDAP is selected, but the user can’t be found in LDAP. Switching between the two does not remove any LDAP/AD configuration. Selecting LDAP/AD exposes options to get started configuring LDAP.
    • Endpoint names as prefixes - (optional)
    • Enable mapper - (optional) 
  3. Click Add Domain.

    ldap configuration
  4. For the New Domain screen you will need to enter the following:
    • LDAP server to add:
    • Endpoint Name:
    • Server Type:
    • Port:
    • Use LDAPS or Use TLS
    • Certificate:
    • Security Principal:
    • User and role contexts for domain:

      ldap server to add
  5. Selecting Show advanced options provides the following options:
    • Role attribute ID:
    • Role matching mode:
    • Security authentication:
    • Security protocol:
    • UID attribute ID:
    • User properties query string:
    • User search scope: 
  6. After completing the various options click Apply.

    ldap server configuration options

Related articles