In this short tutorial I want to explain how you can synchronize users via LDAP.
Important: This feature is currently only available in the REI3 Professional version. In order to use LDAP in your REI3 instance, it is necessary to have a valid license.
You can use LDAP for your REI3 instance to import login names and to authenticate users using LDAP credentials.
In addition, LDAP group assignments can be used to automatically assign roles to a user. If you want to use multiple LDAP connections (or mix them with locally created logins), keep in mind that login names have to be unique. If needed, you can configure mail addresses or other unique attributes to be used as login names.
How to set up the connection:
Click on the menu item 'LDAP-Logins' in the REI3 admin panel and add a new connection.
Basic settings:
- Name: Specify a name for the connection.
- Host: Enter the LDAP server you want to connect to.
- Port: Select the port for the connection.
- Bind user DN: User account for authentication.
- Bind user password: Password for authentication.
- Search DN: Specify from which area objects should be imported.
Set roles by group membership:
If enabled, you have the option to automatically assign roles to users based on their LDAP group memberships.
Expert settings:
Expert settings are normally only needed if you do not connect to a Microsoft Active Directory server.
- Object class: Which object classes should be used (by default: user)
- Unique key attribute: Which attribute should be used as unique identifier (by default: objectGUID)
- LoginAttribute: Enter which attribute should be used as username within REI3 (by default: samAccountName)
- Microsoft AD extensions: If you use Active Directory, you can enable this option to handle nested groups.
- Member attribute: Select the attribute which defines the group membership (by default: memberOf).
Once you have entered your data, you can validate your settings by clicking the 'Test connection' button. If everything is successful, you can synchronize the data directly using 'Import logins now'.
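Before importing from more than one connection, the uniqueness requirement for login names can be checked against exported directory entries. The script below is an added example, not part of REI3: the connection names, entries and local logins are constructed sample data, and the case-insensitive comparison is an assumption. It compares the default login attribute with the mail attribute as a candidate.

```python
from collections import defaultdict

# Constructed sample entries, as two LDAP connections might return them.
# Connection names, DNs and attribute values are made up for this example.
SAMPLE = {
    "corp-ad": [
        {"dn": "CN=Anna Berg,OU=Staff,DC=corp,DC=example",
         "sAMAccountName": "aberg", "mail": "anna.berg@corp.example"},
        {"dn": "CN=Jo Lind,OU=Staff,DC=corp,DC=example",
         "sAMAccountName": "jlind", "mail": "jo.lind@corp.example"},
    ],
    "partner-ad": [
        {"dn": "CN=Alex Berg,OU=Users,DC=partner,DC=example",
         "sAMAccountName": "ABerg", "mail": "alex.berg@partner.example"},
        {"dn": "CN=Temp Account,OU=Users,DC=partner,DC=example",
         "sAMAccountName": "temp01"},  # no mail attribute set
    ],
}
LOCAL_LOGINS = ["admin", "jlind"]  # constructed locally created logins


def find_collisions(connections, login_attr, local_logins=()):
    """Return ({login: [sources]}, [entries missing login_attr]).

    Names are compared case-insensitively; this is a conservative
    assumption, not a statement about how REI3 compares login names.
    """
    seen = defaultdict(list)
    missing = []
    for name in local_logins:
        seen[name.strip().lower()].append("local")
    for conn, entries in connections.items():
        for entry in entries:
            value = (entry.get(login_attr) or "").strip()
            if not value:
                # An empty login attribute cannot serve as a login name.
                missing.append(f"{conn}: {entry['dn']}")
                continue
            seen[value.lower()].append(f"{conn}: {entry['dn']}")
    collisions = {k: v for k, v in seen.items() if len(v) > 1}
    return collisions, missing


if __name__ == "__main__":
    for attr in ("sAMAccountName", "mail"):
        collisions, missing = find_collisions(SAMPLE, attr, LOCAL_LOGINS)
        print(f"{attr}: {len(collisions)} collision(s), {len(missing)} without value")
        for login, sources in collisions.items():
            print(f"  {login!r} <- {sources}")
```

In the sample data the default login attribute collides twice (once across directories, once with a local login), while mail is unique but missing on one account, so that account would need a mail address before it could be imported with that setting.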