LDAP

This provider uses a web form which allows the user to enter their username and password. See LDAP-SSO for the single sign-on version.

Provider Linking

Linking to and from this provider type is always disabled. Providers of this type are almost always used to grant access to a corporate network. Linking an LDAP provider to a social provider could grant undue access to a user who logs in with their social account. Disabling linking also avoids potential problems with mirrored groups.

ldap_basic

A second version of this provider type exists, called ldap_basic. This type is safe to use with provider linking because it will never create user groups, even if configured to do so.

Parameters

As well as the parameters described in Base Provider Parameters, the following must be set in the params object.

The only parameter to this provider is ldapServerDetails. This is an array of LDAP configuration objects as defined in the LDAP-SSO article.

Authentication is attempted against each server in turn until authentication succeeds against one of them or fails against all of them.

| Name | Type | Description |
|------|------|-------------|
| ldapServerDetails | List, required | An array of LDAP configuration objects |

User Profile Data

Requested attributes: All with a value.

Provider names are LDAP server dependent. A few of the most useful are documented below.

| Provider Name | Mapped To |
|---------------|-----------|
| SAMACCOUNTNAME | UNIQUEID |
| GIVENNAME | FORENAMES |
| SN | SURNAME |
| MAIL | EMAIL |

See the Linking Providers, Account and Profile Management article for information about how profiles and email addresses are updated.

Example

{
    "providerName": "ldapdevdc1",
    "providerDisplayName": "LDAP devdc1.lan.gossinteractive.com",
    "type": "ldap",
    "userPrefix": "ldapdc1_",
    "params": {
        "ldapServerDetails": [{
            "ldapServer": "10.10.45.11:3268",
            "baseDN": "DC=forrest,DC=gump,DC=alabama",
            "usernameAttribute": "sAMAccountName",
            "queryUserUsername": "username",
            "queryUserPassword": "password",
            "mirrorLDAPGroups": true,
            "userProfileAttributeMapping": {
                "mapping": {
                    "SAMACCOUNTNAME": {"mappings": ["UNIQUEID"]},
                    "GIVENNAME": {"mappings": ["PREFERREDNAME","FORENAMES"]},
                    "SN": {"mappings": ["SURNAME"]},
                    "WHENCREATED": {"mappings": ["BIRTHDAY"]}
                }
            }
        }]
    }
}
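
The rules this page states for ldap and ldap_basic can be checked against a provider definition before it is deployed. The following is an added example, not code from the product: it assumes `ldap_basic` is the literal `type` value, uses constructed host names, and `check_provider` and `first_accepting` are hypothetical helper names.

```python
import json

# Constructed sample (not from the page): two servers under the assumed
# "ldap_basic" type value; host names are placeholders.
SAMPLE = json.loads("""
{"providerName": "ldapexample", "type": "ldap_basic",
 "params": {"ldapServerDetails": [
   {"ldapServer": "ldap1.example.test:3268", "mirrorLDAPGroups": true},
   {"ldapServer": "ldap2.example.test:3268", "mirrorLDAPGroups": false}]}}
""")

def check_provider(cfg):
    """Return (findings, linkable) for an ldap or ldap_basic provider definition."""
    ptype = cfg.get("type")
    if ptype not in ("ldap", "ldap_basic"):
        return [f"type {ptype!r} is not covered by this check"], False
    findings = []
    servers = (cfg.get("params") or {}).get("ldapServerDetails")
    if not isinstance(servers, list) or not servers:
        # Required parameter; an empty array leaves no server to authenticate against.
        findings.append("params.ldapServerDetails must be a non-empty array")
        servers = []
    for i, srv in enumerate(servers):
        name = srv.get("ldapServer", "<ldapServer missing>")
        if ptype == "ldap_basic" and srv.get("mirrorLDAPGroups") is True:
            # ldap_basic never creates user groups, so this setting has no effect.
            findings.append(f"server {i} ({name}): mirrorLDAPGroups is ignored by ldap_basic")
    # Linking is always disabled for ldap; ldap_basic is the linkable variant.
    return findings, ptype == "ldap_basic"

def first_accepting(servers, try_login):
    """Model the documented order: try each server in turn, stop at the first success."""
    for i, srv in enumerate(servers):
        if try_login(srv):
            return i
    return None  # failed against all of them

if __name__ == "__main__":
    findings, linkable = check_provider(SAMPLE)
    print("linkable:", linkable)
    for f in findings:
        print("finding:", f)
    servers = SAMPLE["params"]["ldapServerDetails"]
    # Stand-in for a real bind: only the second server accepts the login.
    print("accepted by index:", first_accepting(servers, lambda s: "ldap2" in s["ldapServer"]))
```

`first_accepting` returns the index of the server that accepted the login, which is worth recording when several directories are configured under one provider.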

Last modified on May 30, 2023
