Table of contents Connect Aternity to your Active Directory (LDAP) You can connect Aternity to your Microsoft Active Directory (AD), so that usernames defined in the AD can also be usernames to sign in to Aternity. Their usernames and passwords are managed in the AD only. You can add an LDAP group as Aternity users to assign roles to all members of that group, which saves you from manually managing each user separately. When you connect Aternity to your LDAP directory, a user can sign in by selecting the name of the LDAP directory in the Domain field of the sign in screen, and then enter their regular enterprise username and password. Connect the enterprise LDAP directory to use network usernames and passwords You can connect to more than one LDAP directory, or more than one search base within the same LDAP directory. ProcedureStep 1 Open a browser and sign in to Aternity. Step 2 Select the Gear Icon > Advanced Tools > Directory Services (LDAP). Access the settings to connect to your enterprise LDAP directory Step 3 Enter the connection information to access the enterprise LDAP directory server. Field Description Display Name Enter the display name of the LDAP directory, as it should appear in the login screen of Aternity . URL Enter the address to connect to the LDAP directory server using a URL format (including the ldap:// protocol). For secure LDAP connections, enter ldaps://. Search Base Enter the part of the LDAP database tree which you want to expose to Aternity. For example, you can restrict to a domain within the tree: ou=name,dc=<domain_name>,dc=com. Server Requires Authentication Select if access to the LDAP database requires credentials. User name Enter the username required by the LDAP server to access the LDAP database. Password Enter the password required by the LDAP server to access the LDAP database. Use for authentication and authorization Select if using this service for authentication. Authorize indirect group members Select to allow adding all members of an LDAP group to have access to Aternity with their network usernames and passwords, all with the same set of privileges. Without this setting, you can only add individual LDAP users to login with their network usernames and passwords. User name attribute Enter the LDAP field name which represents the login username. First name attribute Enter the LDAP field name which represents a user's first name. This is only used to display the user entry in the list of Aternity users. Last name attribute Enter the LDAP field name which represents a user's last name. This is only used to display the user entry in the list of Aternity users. Department attribute Enter the LDAP field name which represents a user's department in your organization. This is only used to display the user entry in the list of Aternity users. Description attribute Enter the LDAP field name which represents the description field of a user. This is only used to display the user entry in the list of Aternity users. Step 4 Select Test Configuration to test the connection with the LDAP, verifying that Aternity can access the LDAP directory with the address, credentials, and search base which you entered. Step 5 Select Save. Step 6 (Optional) Add another service for authentication and authorization if you need more than one. Step 7 You can delete any redundant service at any time. Parent topic Configure Advanced ToolsRelated tasksCustomize the Login Screen and System NameIntegrate an Email Server to Aternity SavePDF Selected topic Selected topic and subtopics All content Related Links
Connect Aternity to your Active Directory (LDAP) You can connect Aternity to your Microsoft Active Directory (AD), so that usernames defined in the AD can also be usernames to sign in to Aternity. Their usernames and passwords are managed in the AD only. You can add an LDAP group as Aternity users to assign roles to all members of that group, which saves you from manually managing each user separately. When you connect Aternity to your LDAP directory, a user can sign in by selecting the name of the LDAP directory in the Domain field of the sign in screen, and then enter their regular enterprise username and password. Connect the enterprise LDAP directory to use network usernames and passwords You can connect to more than one LDAP directory, or more than one search base within the same LDAP directory. ProcedureStep 1 Open a browser and sign in to Aternity. Step 2 Select the Gear Icon > Advanced Tools > Directory Services (LDAP). Access the settings to connect to your enterprise LDAP directory Step 3 Enter the connection information to access the enterprise LDAP directory server. Field Description Display Name Enter the display name of the LDAP directory, as it should appear in the login screen of Aternity . URL Enter the address to connect to the LDAP directory server using a URL format (including the ldap:// protocol). For secure LDAP connections, enter ldaps://. Search Base Enter the part of the LDAP database tree which you want to expose to Aternity. For example, you can restrict to a domain within the tree: ou=name,dc=<domain_name>,dc=com. Server Requires Authentication Select if access to the LDAP database requires credentials. User name Enter the username required by the LDAP server to access the LDAP database. Password Enter the password required by the LDAP server to access the LDAP database. Use for authentication and authorization Select if using this service for authentication. Authorize indirect group members Select to allow adding all members of an LDAP group to have access to Aternity with their network usernames and passwords, all with the same set of privileges. Without this setting, you can only add individual LDAP users to login with their network usernames and passwords. User name attribute Enter the LDAP field name which represents the login username. First name attribute Enter the LDAP field name which represents a user's first name. This is only used to display the user entry in the list of Aternity users. Last name attribute Enter the LDAP field name which represents a user's last name. This is only used to display the user entry in the list of Aternity users. Department attribute Enter the LDAP field name which represents a user's department in your organization. This is only used to display the user entry in the list of Aternity users. Description attribute Enter the LDAP field name which represents the description field of a user. This is only used to display the user entry in the list of Aternity users. Step 4 Select Test Configuration to test the connection with the LDAP, verifying that Aternity can access the LDAP directory with the address, credentials, and search base which you entered. Step 5 Select Save. Step 6 (Optional) Add another service for authentication and authorization if you need more than one. Step 7 You can delete any redundant service at any time. Parent topic Configure Advanced ToolsRelated tasksCustomize the Login Screen and System NameIntegrate an Email Server to Aternity
Connect Aternity to your Active Directory (LDAP) You can connect Aternity to your Microsoft Active Directory (AD), so that usernames defined in the AD can also be usernames to sign in to Aternity. Their usernames and passwords are managed in the AD only. You can add an LDAP group as Aternity users to assign roles to all members of that group, which saves you from manually managing each user separately. When you connect Aternity to your LDAP directory, a user can sign in by selecting the name of the LDAP directory in the Domain field of the sign in screen, and then enter their regular enterprise username and password. Connect the enterprise LDAP directory to use network usernames and passwords You can connect to more than one LDAP directory, or more than one search base within the same LDAP directory. ProcedureStep 1 Open a browser and sign in to Aternity. Step 2 Select the Gear Icon > Advanced Tools > Directory Services (LDAP). Access the settings to connect to your enterprise LDAP directory Step 3 Enter the connection information to access the enterprise LDAP directory server. Field Description Display Name Enter the display name of the LDAP directory, as it should appear in the login screen of Aternity . URL Enter the address to connect to the LDAP directory server using a URL format (including the ldap:// protocol). For secure LDAP connections, enter ldaps://. Search Base Enter the part of the LDAP database tree which you want to expose to Aternity. For example, you can restrict to a domain within the tree: ou=name,dc=<domain_name>,dc=com. Server Requires Authentication Select if access to the LDAP database requires credentials. User name Enter the username required by the LDAP server to access the LDAP database. Password Enter the password required by the LDAP server to access the LDAP database. Use for authentication and authorization Select if using this service for authentication. Authorize indirect group members Select to allow adding all members of an LDAP group to have access to Aternity with their network usernames and passwords, all with the same set of privileges. Without this setting, you can only add individual LDAP users to login with their network usernames and passwords. User name attribute Enter the LDAP field name which represents the login username. First name attribute Enter the LDAP field name which represents a user's first name. This is only used to display the user entry in the list of Aternity users. Last name attribute Enter the LDAP field name which represents a user's last name. This is only used to display the user entry in the list of Aternity users. Department attribute Enter the LDAP field name which represents a user's department in your organization. This is only used to display the user entry in the list of Aternity users. Description attribute Enter the LDAP field name which represents the description field of a user. This is only used to display the user entry in the list of Aternity users. Step 4 Select Test Configuration to test the connection with the LDAP, verifying that Aternity can access the LDAP directory with the address, credentials, and search base which you entered. Step 5 Select Save. Step 6 (Optional) Add another service for authentication and authorization if you need more than one. Step 7 You can delete any redundant service at any time. Parent topic Configure Advanced ToolsRelated tasksCustomize the Login Screen and System NameIntegrate an Email Server to Aternity