Add Active Directory instruction.
This commit is contained in:
Takashi Okamoto
parent
fbdb55aba9
commit
1b7b3515d7
@ -284,3 +284,42 @@ connectors:
|
|||||||
If the search finds an entry, it will attempt to use the provided password to bind as that user entry.
|
If the search finds an entry, it will attempt to use the provided password to bind as that user entry.
|
||||||
|
|
||||||
[openldap]: https://www.openldap.org/
|
[openldap]: https://www.openldap.org/
|
||||||
|
|
||||||
|
## Example: Searching a Active Directory server with groups
|
||||||
|
|
||||||
|
The following configuration will allow the LDAP connector to search a Active Directory using an LDAP filter.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
|
||||||
|
connectors:
|
||||||
|
- type: ldap
|
||||||
|
name: ActiveDirectory
|
||||||
|
id: ad
|
||||||
|
config:
|
||||||
|
host: ad.example.com:636
|
||||||
|
|
||||||
|
insecureNoSSL: false
|
||||||
|
insecureSkipVerify: true
|
||||||
|
|
||||||
|
bindDN: cn=Administrator,cn=users,dc=example,dc=com
|
||||||
|
bindPW: admin0!
|
||||||
|
|
||||||
|
usernamePrompt: Email Address
|
||||||
|
|
||||||
|
userSearch:
|
||||||
|
baseDN: cn=Users,dc=example,dc=com
|
||||||
|
filter: "(objectClass=person)"
|
||||||
|
username: userPrincipalName
|
||||||
|
idAttr: DN
|
||||||
|
emailAttr: userPrincipalName
|
||||||
|
nameAttr: cn
|
||||||
|
|
||||||
|
groupSearch:
|
||||||
|
baseDN: cn=Users,dc=example,dc=com
|
||||||
|
filter: "(objectClass=group)"
|
||||||
|
userAttr: DN
|
||||||
|
groupAttr: member
|
||||||
|
nameAttr: cn
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user