ldap_integration
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
ldap_integration [2020/08/25 14:42] – [Which LDAP fields can be used?] lucy | ldap_integration [2021/03/22 07:27] – [Setup] lucy | ||
---|---|---|---|
Line 6: | Line 6: | ||
* authorize users in the Admin console, Enduser portal and Awareness website | * authorize users in the Admin console, Enduser portal and Awareness website | ||
- | ==== LDAP Sync tool for Windows ==== | + | ==== Sync tool for Windows ==== |
Besides LDAP API, there is a tool that can be run on Windows machines to sync your Active Directory groups with Lucy, see more [[ldap_synchronization_tool|here]]. | Besides LDAP API, there is a tool that can be run on Windows machines to sync your Active Directory groups with Lucy, see more [[ldap_synchronization_tool|here]]. | ||
Line 12: | Line 12: | ||
===== Setup ===== | ===== Setup ===== | ||
- | To configure the LDAP connection please go in LDAP settings (Settings -> LDAP Settings) and save your server and authentication details. Within the field " | + | To configure the LDAP connection please go in LDAP settings (Settings -> LDAP Settings) and save your server and authentication details. Within the field " |
+ | |||
+ | :!: LUCY summarizes the values for " | ||
+ | So if the LDAP login is " | ||
Fields "Group Object" | Fields "Group Object" | ||
Line 111: | Line 114: | ||
:!: Recipient' | :!: Recipient' | ||
+ | |||
+ | |||
+ | ===== Login Lucy through Active Directory (LDAP) ===== | ||
+ | |||
+ | Lucy allows users to login with their Active Directory account. | ||
+ | |||
+ | === Admin console & Enduser portal === | ||
+ | |||
+ | In order users to login Admin console or Enduser portal you should first import accounts to Lucy from your Active Directory. See [[ldap_integration# | ||
+ | |||
+ | :?: Please note that to login Lucy you should use an appropriate user role that can be configured within the LDAP Update Preferences page (Settings > LDAP Settings > LDAP Update Preferences). \\ | ||
+ | |||
+ | User roles used to access Admin console: **Administrator, | ||
+ | User role used to access Enduser portal: **Enduser**. \\ | ||
+ | |||
+ | === Awareness website === | ||
+ | |||
+ | Lucy has an option to send a non-unique link for awareness website, but it requires users to login with their AD account to access the website. It also requires endusers to be imported into Lucy (see previous section). | ||
+ | |||
+ | To enable LDAP login for Awareness website, tick the option " | ||
+ | |||
+ | {{ :: | ||
+ | |||
+ | and the option "**Do not send emails**" | ||
+ | |||
+ | {{ :: | ||
+ | |||
+ | This enables the Global Link that can be used to access Awareness website after successful login via LDAP: | ||
+ | |||
+ | {{ :: | ||
+ | |||
+ | The option "Do not send emails" | ||
+ | |||
+ | ===== Troubleshoot problems ===== | ||
+ | |||
+ | * An error occurs during the connection to Azure AD LDAPS: \\ \\ < | ||
+ | * An error occurs when logging in at /admin or /user using Azure AD account: **Invalid LDAP user login or password.** \\ \\ **Solution: |
ldap_integration.txt · Last modified: 2021/11/04 18:57 by lucysecurity