MIDAS Active Directory (LDAP) IntegrationActive Directory Integration

Configuring MIDAS

LDAP Integration is configured via MIDAS Admin Options → Manage Users & Permissions → Single Sign On (SSO).

MIDAS Single Sign On (SSO) settings

SettingDescription
Enable LDAP AuthenticationEnables/Disables LDAP Authentication
HostThe IP/domain of your Active Directory server. This is the server against which individuals are authenticated within your network.
To connect via LDAPS instead of LDAP, prepend the Host with "ldaps://".
By default, connections will be made on port 389 (LDAP) or 636 (LDAPS). To connect on a different port, specify the Host as "hostip:port"
Bind ToThe Distinguished Name binding MIDAS should use to query your Active Directory.
Example: CN=Administrator,CN=Users,DC=mydomain,DC=local
Bind PasswordThe password required by your AD server to bind to the above
BaseThe base at which user information may be found in your Active Directory
Example: DC=mydomain,DC=local
In MIDAS v4.09+ you can also specify multiple bases by separating each base with a semi-colon ( ; ) character
Update User Permissions upon each loginIf selected, the user's MIDAS permissions will be updated with the latest permissions assigned to their "group" each time they access MIDAS. See Managing Permissions
If no matching User Group exists, block accessIf the user's Primary Group in the AD does not correspond to a matching user group name in MIDAS, this setting determines what should happen:
If selected, SSO access to MIDAS will be denied and the user will see the standard login screen.
If unselected, the user will be logged in with a very restrictive set of user permissions (essentially "view only")
DebugWith debugging enabled, failed and successful LDAP authentications will be logged to a "/debug-ldap.dat" file in your MIDAS directory.
Warning: It is recommended to only enable Debug logging whilst troubleshooting integration with your AD. Once up and running, it's strongly advised to disable this logging, otherwise the log file can become very large!

Clicking the "Save Changes" button will apply your settings.

Clicking the button will perform a basic connection test to your Active Directory server using the details you've entered, and will display the results:

LDAP Connection Test

In addition, when you perform an LDAP Connection Test, MIDAS will attempt to retrieve a list of User Groups from your Active Directory, and add these names to the User Group list in MIDAS.