Adding, removing, and disabling LDAP connections
Guardium® Insights requires a connection to one or more Lightweight Directory Access Protocol (LDAP) servers for user authentication.
Before you begin
To open the settings menu, select Settings. After opening the settings menu, choose LDAP configuration.
In the LDAP connection page, click Connect an LDAP server and then complete the Add LDAP connection page as follows:
Procedure
Example
This example shows the syntax used by the LDAP configuration:
- LDAP External Server URL: ldap://guardium.ibm.com:389
- LDAP Base DN: dc=atlanta,dc=ds,dc=priv
- LDAP port (external): 389
- LDAP Bind distinguished name: cn=admin,dc=atlanta,dc=ds,dc=priv
- LDAP Password: myldappassword123
- User filter: (&(uid=%v)(objectclass=inetOrgPerson))
- User ID Map: *:uid:
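A pre-flight check of the example values above, added here as an illustration and not IBM's code: it flags the unencrypted ldap:// URL, reports which attribute the user filter matches against, and shows the filter that results for a given login name. It assumes %v is replaced by the login name; the function names are made up for this example.

```python
import re
from urllib.parse import urlsplit

# Values copied from the example on this page.
SETTINGS = {
    "url": "ldap://guardium.ibm.com:389",
    "base_dn": "dc=atlanta,dc=ds,dc=priv",
    "port": 389,
    "user_filter": "(&(uid=%v)(objectclass=inetOrgPerson))",
}

# RFC 4515: these characters must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def expand_user_filter(template, login):
    """Assumed behaviour: %v is replaced by the login name being looked up."""
    return template.replace("%v", escape_filter_value(login))

def login_attribute(template):
    """Attribute compared with %v: uid here, sAMAccountName on Active Directory."""
    m = re.search(r"\(([A-Za-z][A-Za-z0-9-]*)=%v\)", template)
    return m.group(1) if m else None

def balanced(filter_text):
    depth = 0
    for ch in filter_text:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0

def check_settings(s):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    url = urlsplit(s["url"])
    if url.scheme not in ("ldap", "ldaps"):
        findings.append("URL scheme is not ldap:// or ldaps://")
    if url.scheme == "ldap":
        findings.append("ldap:// is unencrypted unless StartTLS is negotiated")
    if url.port is not None and url.port != s["port"]:
        findings.append("port in URL differs from the port field")
    if s["user_filter"].count("%v") != 1 or not balanced(s["user_filter"]):
        findings.append("user filter needs one %v and balanced parentheses")
    return findings
```

The attribute returned by login_attribute is the one to compare with the userName mapping described at the end of this page.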
What to do next
- Edit: Selecting this opens the Add LDAP connection screens so that you can edit and save the connection's settings.
- Enable: If the connection is disabled, select this to enable it.
- Disable: If the connection is enabled, select this to disable it.
- Delete: Select this to remove the LDAP connection.
Once your LDAP connection is complete, you can add users to Guardium Insights.
uid attribute in its schema. If it does not, you will need to update its ICS config map with an alternative. For example, for an Active Directory LDAP server, you will have to specify sAMAccountName as the userName. To change the userName attribute mapping from the default uid to another value like sAMAccountName, edit the platform-auth-idp config map on your OCP cluster in the namespace where IBM® Common Services is installed. Change the userName field to the desired value. It is located under user in the default object, as shown here: