Modify LDAP Identity Provider
This topic describes how to modify the existing details for the LDAP account.
Before you begin
Procedure
- Log in to Configuration Hub as an administrator.
-
Go to
.The existing list of identity providers appear.
-
Select the LDAP identity provider.
The existing information for the identity provider appears on the DETAILS panel.
-
To modify the GENERAL details, select to open a
pop-up screen with the existing information.
-
If you modify any existing information, save the changes.
The general details are required to configure LDAP authentication.
-
To modify OTHER SEARCH CRITERIA details, place your cursor
and enter the new value for the respective criteria.
Use these settings to enable the sub-directories in your search criteria.
Search Criteria Example Value Description Group Base OU=Sales,OU=Groups,OU=Enterprise,DC=company,DC=com
Defines the starting point for the LDAP group search in the active directory tree. - CN is Common Name (required)
- DC is Domain Component (required)
- OU is Organization Unit Name (optional)
Note: If you use onlyDC=Ge,DC=com
, timeout may occur due to slow system response. Use the exactOU
to avoid timeout.User Base OU=Sales,OU=Users,OU=Enterprise,DC=company,DC=com
Defines the starting point for the LDAP group user search in the active directory tree. Note: If you use onlyDC=Ge,DC=com
, timeout may occur due to slow system response. Use the exactOU
to avoid timeout.User Filter userPrincipalName={0}
Allows the LDAP user (active directory user) to login into Configuration Hub with their email address. User Filter cn={0}
Allows the LDAP user (active directory user) to login with their display name. This is field is populated by default. User Filter sAMAccountName={0}
Allows the LDAP user (active directory user) to login with their account name (Windows login name). This is field is populated by default. Group Filter member={0}
Retrieves the memberOf
attribute values for the specific user. This is field is populated by default.Max Filter 10
Defines the maximum depth for searching the LDAP groups. The default value is 10
.For very large systems, set the value to
2
as it may impact system performance.