LDAP Security authenticates users in OnBase based on the user accounts on an LDAP server. Users are granted rights in OnBase based on their LDAP group memberships, which must correspond to OnBase User Groups. This method can be configured to allow users to log in to OnBase automatically based on the credentials supplied when they authenticated against the LDAP server, or to be prompted for those login credentials when accessing OnBase.
The following items should be considered before using LDAP Security:
- If the LDAP server is an Active Directory server, one of the Active Directory authentication methods should be used instead.
- LDAP does not support nested groups.
- LDAP servers are not discoverable in the same way as Active Directory with domain controllers.
- In order to allow for redundancy, every LDAP server (primary and backup) must be configured separately.
- The LDAP directory service software must be compatible with LDAP version 3.
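
Because nested groups are not supported, it helps to know before switching which users reach a mapped group only through another group. The following is an added example, not part of the OnBase documentation or product: it audits an LDIF export of group entries for such users. It assumes membership is stored in the `member` attribute and that only direct members of a mapped group are recognized; all DNs and group names are constructed.

```python
# Constructed sample export; all DNs and group names are hypothetical.
SAMPLE_LDIF = """\
dn: cn=OnBase-Managers,ou=groups,dc=example,dc=com
member: uid=alice,ou=people,dc=example,dc=com
member: cn=Finance,ou=groups,dc=example,dc=com

dn: cn=Finance,ou=groups,dc=example,dc=com
member: uid=bob,ou=people,dc=example,dc=com
member: cn=Payroll,ou=groups,dc=example,dc=com

dn: cn=Payroll,ou=groups,dc=example,dc=com
member: uid=carol,ou=people,dc=example,dc=com
member: uid=alice,ou=people,dc=example,dc=com
"""


def parse_groups(ldif):
    """Return {group_dn: set(member_dns)} from a simple, unfolded LDIF export."""
    groups = {}
    for record in ldif.strip().split("\n\n"):
        dn, members = None, set()
        for line in record.splitlines():
            key, _, value = line.partition(": ")
            if key.lower() == "dn":
                dn = value.strip().lower()
            elif key.lower() == "member":  # assumed membership attribute
                members.add(value.strip().lower())
        if dn:
            groups[dn] = members
    return groups


def nested_only_members(groups, target_dn):
    """Map each user who reaches target_dn only via nesting to the group path."""
    target_dn = target_dn.lower()
    direct = {m for m in groups.get(target_dn, ()) if m not in groups}
    found, seen = {}, {target_dn}
    stack = [(g, [g]) for g in groups.get(target_dn, ()) if g in groups]
    while stack:
        group, path = stack.pop()
        if group in seen:  # guards against circular nesting
            continue
        seen.add(group)
        for m in groups[group]:
            if m in groups:  # member is itself a group: descend
                stack.append((m, path + [m]))
            elif m not in direct:  # user reached only through nesting
                found.setdefault(m, path)
    return found
```

Users reported by `nested_only_members` would need to be added directly to the mapped group, or to another group that corresponds to an OnBase User Group.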
To authenticate users using LDAP authentication, select LDAP in the Directory Service Authentication dialog box, then click the Settings button. The LDAP Servers dialog is displayed.
Setting your OnBase system to use LDAP cannot be undone.
To delete a server, select it in the LDAP pane and click Delete.
To configure a new server to authenticate against, click Add. To edit a server's configuration, select it in the LDAP pane and click Edit. The LDAP Server Settings dialog is displayed.
The options available in this dialog are described below. Once the LDAP Server Settings have been configured, click Save.
See also Configuring Multiple LDAP Servers for details on configuring more than one LDAP server.