LDAP
The LDAP integration allows you to connect your Jadu Control Center to your LDAP or Active Directory domain.
To log in to Jadu, enabled LDAP users can either use their LDAP login details at the Control Center login screen, or they can be silently logged in using Integrated Windows Authentication (network architecture permitting).
LDAP integration is dependent on connectivity being available from your application server to your LDAP server.
Navigating to the LDAP area
- Click the Settings icon in the left navigation bar. The Settings menu will open.
- Click the Integrations link in the first group of links. A list of integrations will now be shown.
- Click the LDAP option in the list of integrations. The LDAP integration form will open.
LDAP fields
Field | Notes | Required? |
---|---|---|
Protocol | The connection protocol to use, either LDAP or LDAPS | |
Server address | The address to use when connecting | ✅ |
Server port | The port number to use when connecting | ✅ |
Distinguished Name (DN) | e.g. 'ldap@example.com' | ✅ |
Password | The password to use when connecting | ✅ |
Login method | Whether login is cookie-based using the Jadu login screen, or uses integrated Windows authentication. | |
User search base DN | The point from which a server will search for users, e.g. 'dc=example,dc=com' | ✅ |
User search filter | Filter to apply to search results, e.g. '(objectClass=*)' | ✅ |
Field Mapping | The username and email fields to use when retrieving data from the LDAP server | ✅ |
Assigning field mappings
Field mappings must be set before the LDAP integration can be enabled.
To set your field mappings, try the following:
- While editing the LDAP integration settings, click the Assign Field Mappings button. The Field mapping panel will open.
- Within the Field mapping panel, type a valid username in the Username field. The application will start to search for a matching account in your LDAP system.
- When the matching username is shown, select the username from the list of results.
- Select the LDAP fields to use as the username and email values when an LDAP account is added as an admin for Jadu Central.
- Click the Save button and the Field mapping panel will close.
- Click the Save button to save your changes and enable the LDAP integration.
Creating an LDAP authenticated admin
Once the LDAP integration has been enabled, you can add LDAP accounts as admins for Jadu Central. To do this, try the following:
- Click the Utilities icon in the left navigation bar. The Utilities menu will open.
- Click the Admin Privileges link in the third group of links. A list of admins will now be shown, with links to create new admins if your account has the appropriate access permissions.
- Click the New Admin button. The admin entry form will open. Complete the form to create a profile for your administrator and save the record.
- Locate the new admin in the administrators list and open the record. Click the Link External Account button. The Link to External Account window will open.
- Select LDAP as the identity provider to link to. Enter the LDAP username in the search field. The application will start to search for a matching account in your LDAP system. When the matching account is shown, click the username in the list of search results.
- Click the Save button to save the changes.
The name and email address associated with the LDAP account are imported from the LDAP server each time the user logs into the application.
Troubleshooting
If you're having difficulty setting up LDAP integration with Jadu Central, please check the following:
- Ensure that the application server can communicate with the LDAP server. For example, if you have a proxy in place this may require the proxy settings of the application to be updated.
- LDAP always searches for SAMAccountName. Ensure that this field is set within your LDAP system configuration.
- Usernames with periods (.) are not allowed within Jadu Central. If your LDAP account name includes periods you will not be able to add that account as an admin of Jadu Central.
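The checks below can be run over a set of planned settings before entering them in the LDAP integration form. This is an added example, not Jadu code: the dictionary keys are hypothetical names for the fields in the table above, the port check assumes the standard defaults (389 for LDAP, 636 for LDAPS), and the protocol finding assumes plain LDAP without StartTLS.

```python
# Added example, not Jadu code. Keys are hypothetical names for the form fields.
REQUIRED = ["server_address", "server_port", "bind_dn", "password",
            "user_search_base_dn", "user_search_filter"]
OTHER_PROTOCOL_PORT = {"LDAP": 636, "LDAPS": 389}  # standard default ports, swapped


def filter_is_well_formed(flt):
    """A search filter must be one parenthesised expression, e.g. '(objectClass=*)'."""
    depth = 0
    for i, ch in enumerate(flt):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            # Reject a stray ')' or an expression that closes before the end.
            if depth < 0 or (depth == 0 and i != len(flt) - 1):
                return False
    return depth == 0 and flt.startswith("(")


def check_settings(settings):
    """Return a list of findings for one set of integration settings."""
    def val(key):
        return str(settings.get(key) or "").strip()

    findings = [f"missing required field: {k}" for k in REQUIRED if not val(k)]
    protocol = val("protocol").upper()
    if protocol == "LDAP":
        findings.append("protocol LDAP: bind password is sent unencrypted, prefer LDAPS")
    if val("server_port") == str(OTHER_PROTOCOL_PORT.get(protocol)):
        findings.append(f"port {val('server_port')} is the usual default for the other protocol")
    flt = val("user_search_filter")
    if flt and not filter_is_well_formed(flt):
        findings.append("user search filter is not one balanced parenthesised expression")
    return findings


def accounts_with_periods(usernames):
    """Account names that cannot be added as admins because they contain a period."""
    return [name for name in usernames if "." in name]


# Constructed sample input: wrong port for the protocol and an unclosed filter.
SAMPLE = {"protocol": "LDAP", "server_address": "ldap.example.com", "server_port": 636,
          "bind_dn": "ldap@example.com", "password": "placeholder",
          "user_search_base_dn": "dc=example,dc=com",
          "user_search_filter": "(&(objectClass=user)(sAMAccountName=*)"}

if __name__ == "__main__":
    print(check_settings(SAMPLE), accounts_with_periods(["jsmith", "jane.doe"]))
```

An empty list from `check_settings` means none of these checks fired; it does not confirm that the application server can reach the LDAP server.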