This topic describes how to add LDAP authentication sources and use user accounts in AD to log on to IDaaS.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Authentication > Authentication Sources.
  3. In the upper-right corner of the Authentication Sources page, click Add Authentication Source. Find LDAP and click Add Authentication Source in the Actions column. Configure the parameters in the dialog box that appears.
    1

    Set LDAP URL to the IP address + port number of the AD domain.

    Set LDAP Base, LDAP Account, and LDAP account password to the values of AD.

    Set Filter Condition to (sAMAccountName=$username$).

    1
  4. In the left-side navigation pane, choose Users > Organizations and Groups. Click Configure LDAP in the right window to configure LDAP settings. If you have configured the LDAP authentication source, skip this step.
    1
    1
  5. Create an account and provision the account to AD. You can connect to AD to view the provisioned account.

  6. Click LDAP in the Use a Third-party Account to Log On section of the logon page. You are redirected to the Log On with LDAP Account page. Enter the provisioned account for logon. The password for the provisioned account here must be the AD domain password, instead of the password in IDaaS.
    1
    1

    After adding the LDAP authentication source, you can use the account and the password in AD to log on to the IDaaS console.