Authenticating Users With Your LDAP System

Worksoft Certify administrators can authenticate users against a Lightweight Directory Access Protocol (LDAP) system. During the Certify sign-in process, you must have the appropriate permissions within Certify to create and execute processes. The user name used to sign in must match the user name used for authorization within Certify.

To authenticate users against LDAP:

  1. From the Certify menu, select Configure > Certify > Authentication Settings.

    The Worksoft Authentication Configuration tool opens.

  2. Select the Use LDAP Authentication option.

    The LDAP Settings fields are enabled.

  3. In the Authentication Settings section, enter your information into the following fields:

    Host/IP Address

        Enter the domain name or IP address of the LDAP directory server.

        Domain Example: worksoft.com

    LDAP Port

        Optional - Enter the host port.

        The default port number is 389. If a value is not specified, the default port will be used.

        For secure connections using Secure Sockets Layer (SSL), the default port number is 636.

    Use Secure Connection (SSL)

        By default, LDAP traffic is transmitted unsecured. Select this option to make LDAP traffic secure by using an SSL connection.

    Base DN

        Enter the Base Distinguished Name (DN) for LDAP.

        LDAP references an object by its DN. The Base DN identifies the starting point of a search with a sequence of attributes connected by commas and no spaces.

        Example: ou=test,ou=sales,dc=example,dc=com

        If the LDAP authentication throws request timeout errors, make the base DN search more specific.

        Example: ou=people,dc=treea,dc=foobar,DC=com instead of dc=treea,dc=foobar,dc=com

        If you do not know the Base DN, consult your LDAP administrator or check your LDAP browser.

    Authentication Type

        Select the authentication method for your LDAP server:

        • Anonymous
        • Basic (Default)
        • Negotiate
        • Ntlm

        If you do not know your Authentication Type, consult your LDAP administrator.

    User DN

        Enter the user who will connect to the server. This user must have read and execute permissions for the whole sub-tree.

        If your LDAP directory server requires a domain for logging on to the system, include the domain for the user as well.

    Password

        Enter the password to connect to the LDAP service on the specified LDAP Server.

        Although the LDAP default character length is 128 characters, Certify supports only 100 characters.

  4. Click Test LDAP Settings to verify that your LDAP configuration is valid.

    If your configuration does not pass, consult your LDAP administrator.

  5. In the Filter field, a default logical expression, (|(uid={0}*)(sAMAccountName={0}*)), is listed.

    This expression specifies attributes the requested LDAP entries must contain. Replace {0} with the user name that you plan to use when logging on to LDAP.

    If the LDAP authentication throws request timeout errors, edit the filter expression to the following:

    (&(objectCategory=person)(objectClass=user)(sAMAccountName={0}*))

  6. In the Test Authentication section, enter the network user name and password to validate against the LDAP server.

  7. Click Test User Credentials to verify the user.

  8. Click OK to save the values to your Certify database.

    Next time the user signs in to Certify, the user is authenticated against the LDAP system.
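How the two filter templates from step 5 behave once {0} is replaced, as an added Python example that is not part of the Worksoft documentation or Certify's code: the trailing * makes each clause a prefix match, so one user name can select several entries, and the value is escaped per RFC 4515 before substitution. The directory entries, the helper names and the single-match check are assumptions made for illustration; the page does not describe how Certify itself substitutes or resolves the value.

```python
import re

# Filter templates quoted from the page; {0} is replaced with the user name.
DEFAULT_FILTER = "(|(uid={0}*)(sAMAccountName={0}*))"
NARROW_FILTER = "(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}*))"

# Constructed sample entries (attribute names lowercased), not from a real directory.
ENTRIES = [
    {"dn": "cn=J Smith,ou=people,dc=example,dc=com", "samaccountname": ["jsmith"],
     "objectclass": ["user"], "objectcategory": ["person"]},
    {"dn": "cn=J Smith2,ou=people,dc=example,dc=com", "samaccountname": ["jsmith2"],
     "objectclass": ["user"], "objectcategory": ["person"]},
    {"dn": "cn=build,ou=services,dc=example,dc=com", "uid": ["jsmith-build"],
     "objectclass": ["account"]},
]

def escape_value(value):
    """RFC 4515 escaping: \\ * ( ) and NUL become \\XX so input stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_filter(template, user_name):
    if not user_name:
        raise ValueError("empty user name would turn (attr={0}*) into a presence test")
    return template.replace("{0}", escape_value(user_name))

def _clause_matches(entry, attr, pattern):
    prefix = pattern.endswith("*")          # unescaped trailing * = prefix match
    raw = pattern[:-1] if prefix else pattern
    want = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), raw).lower()
    values = [v.lower() for v in entry.get(attr.lower(), [])]
    return any(v.startswith(want) if prefix else v == want for v in values)

def search(ldap_filter, entries=ENTRIES):
    """Evaluate a one-level (|...) or (&...) filter like the two on the page."""
    combine = any if ldap_filter[1] == "|" else all
    clauses = re.findall(r"\(([\w-]+)=([^()]*)\)", ldap_filter)
    return [e["dn"] for e in entries
            if combine(_clause_matches(e, a, p) for a, p in clauses)]

def resolve_user(template, user_name):
    """Return the single matching DN; refuse ambiguous or missing matches."""
    hits = search(build_filter(template, user_name))
    if len(hits) != 1:
        raise LookupError("%d entries match %r" % (len(hits), user_name))
    return hits[0]
```

With these sample entries, "jsmith" selects three entries under the default filter and two under the narrower one, which is why the narrower filter also reduces search time.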

 
