Table of contents
Active Directory Integration: Configuring MIDAS
|Enable LDAP Authentication||Enables/Disables LDAP Authentication|
|Host||The IP/domain of your Active Directory server. This is the server against which individuals are authenticated within your network.|
To connect via LDAPS instead of LDAP, prepend the Host with "
By default, connections will be made on port 389 (LDAP) or 636 (LDAPS). To connect on a different port, specify the Host as "
|Bind To||The Distinguished Name binding MIDAS should use to query your Active Directory.|
|Bind Password||The password required by your AD server to bind to the above|
|Base||The base at which user information may be found in your Active Directory|
Example: DC=mydomain,DC=localIn MIDAS v4.09+ you can also specify multiple bases by separating each base with a semi-colon ( ; ) character
|Update User Permissions upon each login||If selected, the user's MIDAS permissions will be updated with the latest permissions assigned to their "group" each time they access MIDAS. See Managing Permissions|
|If no matching User Group exists, block access||If the user's Primary Group in the AD does not correspond to a matching user group name in MIDAS, this setting determines what should happen:|
If selected, SSO access to MIDAS will be denied and the user will see the standard login screen.
If unselected, the user will be logged in with a very restrictive set of user permissions (essentially "view only")
|Debug||With debugging enabled, failed and successful LDAP authentications will be logged to a "/debug-ldap.dat" file in your MIDAS directory.|
Warning: It is recommended to only enable Debug logging whilst troubleshooting integration with your AD. Once up and running, it's strongly advised to disable this logging, otherwise the log file can become very large!
Clicking the "Save Changes" button will apply your settings.
Clicking the button will perform a basic connection test to your Active Directory server using the details you've entered, and will display the results:
In addition, when you perform an LDAP Connection Test, MIDAS will attempt to retrieve a list of User Groups from your Active Directory, and add these names to the User Group list in MIDAS.