Configure LDAP

If your organization uses an LDAP directory (or compatible) for user management, you need to configure the connection with the LDAP directory before you can add external users, as described in Add external users or groups of external users, as described in Add a group of external users.

Note: Fields marked with a red * must be filled in.

To configure the LDAP directory, follow these steps:

In the left navigation panel, click Settings and select the Users tab.
Select the LDAP tab.
In the LDAP tab, click the Configure button to enter the LDAP settings required for permissions & authentication.

LDAP configuration consists in:

Configuring the connection with the LDAP directory used by your organization
Searching for users contained in the LDAP directory
Searching for groups of users contained in the LDAP directory (optional)

Configure the connection with the LDAP directory

To configure the connection with the LDAP directory, enter the following details in the Connection section:

URL: The URL of the directory with structure: "<protocol>://<hostname>:<port number>
- LDAP protocol: communications are transmitted unencrypted
- LDAPS protocol means LDAP is over SSL: transactions are encrypted and protected. Note that NeoLoad Web doesn't support LDAP over SSL with required client certificates
- Hostname: enter the name or address of your LDAP server
- Port: enter the connection port of your LDAP server (389 or 3268)
Authentication method: In this drop-down menu, select:
- Anonymous if you do not want to specify any authentication properties
- Simple Authentication to send the customer DN and password unencrypted for authentication
- Digest MD5 to use the encrypted authentication mechanism for an LDAP v3 server or for an Active Directory server
- Cram MD5 to use a challenge-response authentication mechanism (CRAM) based on the HMAC-MD5 algorithm
Bind DN or User name: Enter the LDAP directory user account.
Password: Enter corresponding password.
Click Test to verify that the connection has been correctly configured.
Once the connection is established, go to the Users section to perform a search in the LDAP directory.

Search for users in the LDAP directory

To search for users in the LDAP directory, enter the following details in the Users section:

Base DN: Indicate an element from the directory that will serve as the starting point for your user search.
Filter: You can enter another LDAP filter. For example: "(cn=b*)" or "!(mail=*.com)" .
User ID attribute: Enter an LDAP attribute to find user IDs.
User first name attribute: Enter an LDAP attribute to find user first names.
User last name attribute: Enter an LDAP attribute to find user last names.
User email attribute: Enter the LDAP attribute corresponding to user email addresses.
Click Test to check that the search request settings are correct.

The retrieved list shows maximum 10 results.
Once the connection is established, go to the Groups section if you want to add groups of users.

Search for groups of users in the LDAP directory

To search for groups of users in the LDAP directory, enter the following details in the Groups section:

Select Enable groups if you want to configure group search in the directory.
Group type: in this drop-down menu, select:
- Dynamic if the group is defined at user level; enter one of its attributes in the Member attribute field
- Static if the group is defined at group level. The users belonging to this group are listed in the definition, which is composed of the DN Base, Object Class , Group ID attribute, Group Name Attribute, Group Member Attribute and Group Member Format.
Group member attribute: Enter an LDAP attribute to find group members.
Click Test to check that the search request settings are correct.

The retrieved list shows maximum 10 results.
Click APPLY at the bottom center of the screen to save all LDAP settings.

Caution: If you uncheck the option Enable LDAP, all LDAP users already configured will no longer be authorized to NeoLoad Web.