How do I authenticate users with an LDAP directory?

If you have an existing LDAP directory then you can configure Jiglu to use it for user authentication instead of Jiglu's own authentication system.

LDAP settings can be found by going to System settings and choosing the LDAP directory option under Users.

There are three options available for LDAP authentication:

  • Off - Jiglu will manage passwords and authentication itself.
  • Optional - users can optionally be authenticated against an LDAP server, with the choice available on the form to edit users.
  • Mandatory - all users will be authenticated against an LDAP server with the exception of the superuser account.

At a minimum you will need the following information to use the LDAP server:

  • The URL of the LDAP server, such as ldap://host.name:389. TLS connections are supported but you may need to install a certificate in Java.
  • The reader distinguished name for Jiglu to connect to the server as and the password to use.
  • The base context beneath which to search for users.

Most LDAP servers have a standard user class name and fields but the form allows you to specify these should it be needed.

When LDAP is configured, you can register users from the LDAP server as Jiglu users by going to the User index and choosing the Register a directory user to use the system action. If LDAP authentication is mandatory then it will not be possible to use features such as inviting users into the system.

Written by Stephen Hebditch. Published on .
1.0.0
Using an LDAP server to handle passwords instead of Jiglu.