Add Active Directory instruction.

This commit is contained in:
Takashi Okamoto 2019-01-26 04:26:01 +00:00
parent fbdb55aba9
commit 1b7b3515d7

View File

@ -284,3 +284,42 @@ connectors:
If the search finds an entry, it will attempt to use the provided password to bind as that user entry.
[openldap]: https://www.openldap.org/
## Example: Searching a Active Directory server with groups
The following configuration will allow the LDAP connector to search a Active Directory using an LDAP filter.
```yaml
connectors:
- type: ldap
name: ActiveDirectory
id: ad
config:
host: ad.example.com:636
insecureNoSSL: false
insecureSkipVerify: true
bindDN: cn=Administrator,cn=users,dc=example,dc=com
bindPW: admin0!
usernamePrompt: Email Address
userSearch:
baseDN: cn=Users,dc=example,dc=com
filter: "(objectClass=person)"
username: userPrincipalName
idAttr: DN
emailAttr: userPrincipalName
nameAttr: cn
groupSearch:
baseDN: cn=Users,dc=example,dc=com
filter: "(objectClass=group)"
userAttr: DN
groupAttr: member
nameAttr: cn
```