Configuring LDAP Gateway Authentication Accounts

Identity Broker, acting as an LDAP server, requires clients to provide authentication details. This allows the administrator to control which clients may connect and what level of access they have.

See LDAP Security for more information on this topic.

Adding Users

On the Settings page, click the Add button under the LDAP User Management section.


Enter a Username and Password, and select an Access Level.

Access Level    Definition
Unauthorized    The user account exists, however it is only permitted to view the root directory-specific entry.
Read            Permits the account to perform search actions, but not actions that would add, modify or delete.
Write           The account is allowed to perform search actions and send requests to add or modify, but not delete.
Full            The account is allowed to perform all possible actions.


Configuring LDAP Clients

When configuring an LDAP client for use with Identity Broker, the authentication mechanism selected should be Simple or Basic. Other authentication methods are not supported at this time.

The User Store is not represented in the Identity Broker LDAP structure. Identity Broker does not require that the object username is in a distinguished name format.
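
The following is an added example, not part of the Identity Broker documentation or product code: a Python sketch that BER-encodes an LDAPv3 Simple bind request (RFC 4511, section 4.2) and decodes it again, showing that a non-DN username is carried unchanged in the name field and that the password travels as a plain octet string. The account name and password are constructed sample values.

```python
# Added example: what an LDAPv3 Simple bind (RFC 4511, section 4.2) puts on the wire.
def ber_len(n: int) -> bytes:
    if n < 0x80:                      # short form: one length octet
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body   # long form

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(value)) + value

def simple_bind_request(message_id: int, name: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest { version 3, name, simple [0] } }."""
    mid = message_id.to_bytes(message_id.bit_length() // 8 + 1, "big")
    bind = tlv(0x02, b"\x03") + tlv(0x04, name.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, tlv(0x02, mid) + tlv(0x60, bind))

def read_tlv(buf: bytes, pos: int = 0):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def parse_simple_bind(pdu: bytes) -> dict:
    """Decode the request the way the server, or a capture tool on the path, would."""
    tag, msg, _ = read_tlv(pdu)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, mid, p = read_tlv(msg)
    op_tag, op, _ = read_tlv(msg, p)
    if op_tag != 0x60:
        raise ValueError("not a BindRequest")
    _, ver, p = read_tlv(op)
    _, name, p = read_tlv(op, p)
    auth_tag, cred, _ = read_tlv(op, p)
    if auth_tag != 0x80:              # e.g. 0xA3 would be a SASL bind
        raise ValueError("not simple authentication")
    return {"message_id": int.from_bytes(mid, "big"), "version": ver[0],
            "name": name.decode(), "password": cred.decode()}

if __name__ == "__main__":
    print(parse_simple_bind(simple_bind_request(1, "svc-sync", "S3cret!")))  # constructed values
```

Because the password is readable in the encoded request, its confidentiality depends entirely on the transport and network path between the client and Identity Broker.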
