...

  1. On the navigation pane, click Kyvos Manager Settings > LDAP.
    The LDAP page is displayed, as shown in the following figure.

    [Figure: LDAP page]

  2. Select the LDAP Enabled checkbox.

  3. To retrieve LDAP configurations from an existing cluster, select the Cluster Name and LDAP Alias from the corresponding lists.

  4. Enter details in the displayed fields as:

...

Microsoft Open Directory

Parameter/Field

Comments/Description

Directory Type

Select the directory type from the list.

Username Attribute

Specify the username attribute from the account that will be used as a username for the Kyvos Manager application.

Host Name

Enter the hostname or IP address of the authentication directory server.

Port

Enter the port on which the directory server is listening.

User DN

Enter the unique name for the user that the application will use when connecting to the directory server. For example, cn=user,dc=domain,dc=name for user@domain.name.

Password

Enter the password for the user.
NOTE: If not specified, the last provided password will be used. To change it, enter a new password.

Use Secure Layer

Select this checkbox if SSL is configured. You will have to upload the SSL certificate for this.

SSL Certificate

Upload the SSL certificate file for use with the authentication directory. 

Base DN

Enter the name that the application will use when connecting to the directory server.

If you are searching for users in the Admin department of example.com, then the Base DN would be dc=example,dc=com, and the User DN would be cn=admin,dc=example,dc=com.

If you have a group within admin called ITadmin, then the User DN would be cn=admin,ou=ITadmin,dc=example,dc=com.

Additional Group DN 

Enter the additional group DN details (if any).

Additional User DN

Enter the additional user DN details (if any).

Group Filter

Enter the details of group filters (if any).

User Filter

Enter the details of user filters (if any).

Import User As

Select the role from the list to assign to the imported user.

NOTE: Users imported previously have been assigned the Administrator role.

Show sync and timeout settings

Click to specify the sync and timeout settings:

  • Import Users As: Select the default role for all users being imported from the LDAP.

  • Read Timeout: Specify the timeout interval (in seconds) for reading data from LDAP.

  • Search Timeout: Specify the timeout interval (in seconds) for searching new data from LDAP.

  • Connection Timeout: Specify the timeout interval (in seconds) for connecting to the LDAP directory.

  • Custom Attributes: If needed, add custom attributes for users being imported from LDAP.
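
The User DN and Base DN rows above give their values as examples (cn=user,dc=domain,dc=name for user@domain.name; cn=admin,ou=ITadmin,dc=example,dc=com under dc=example,dc=com). The following Python is an added example, not Kyvos Manager code: it builds a User DN in that layout with RFC 4514 escaping and checks that a DN lies under a given Base DN before the values are entered in the form. The function names and sample values are constructed, and values are compared case-insensitively on the assumption that cn, ou and dc use case-insensitive matching.

```python
import re

# Added example, not Kyvos Manager code; names and sample values are constructed.
_SPECIAL = re.compile(r'([,+"\\<>;])')  # characters RFC 4514 requires escaping

def escape_value(value):
    """Escape an RDN value (RFC 4514) so input cannot add or split RDNs."""
    out = _SPECIAL.sub(r"\\\1", value).replace("\x00", "\\00")
    if value[:1] in (" ", "#"):
        out = "\\" + out
    if len(value) > 1 and value.endswith(" "):
        out = out[:-1] + "\\ "
    return out

def upn_to_user_dn(upn, ous=()):
    """user@domain.name -> cn=user[,ou=...],dc=domain,dc=name, as in the table's examples."""
    user, sep, domain = upn.rpartition("@")
    labels = domain.split(".")
    if not sep or not user or not all(labels):
        raise ValueError(f"not a user@domain value: {upn!r}")
    rdns = [f"cn={escape_value(user)}"]
    rdns += [f"ou={escape_value(ou)}" for ou in ous]
    rdns += [f"dc={escape_value(label)}" for label in labels]
    return ",".join(rdns)

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) pairs; escaped commas stay in the value."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" else 1  # a backslash keeps the next character with it
        if dn[i] == ",":
            rdns.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    rdns.append(cur)
    pairs = []
    for rdn in rdns:
        attr, sep, value = rdn.lstrip().partition("=")
        if not sep or not attr.strip() or not value:
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((attr.strip().lower(), value.lower()))
    return pairs

def is_under(dn, base_dn):
    """True when dn ends with every RDN of base_dn, i.e. lies inside that search base."""
    d, b = split_dn(dn), split_dn(base_dn)
    return len(d) >= len(b) and d[len(d) - len(b):] == b
```

For the table's own values, `is_under(upn_to_user_dn("admin@example.com", ["ITadmin"]), "dc=example,dc=com")` returns `True`; a name containing a comma is escaped and stays a single `cn` value.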

Azure Active Directory

Parameter/Field

Comments/Description

Directory Type

Select the Azure Active Directory type from the list.

Username Attribute

Specify the username attribute from the account that will be used as a username for the Kyvos Manager application.

Client ID

Enter the application ID that is created in Azure Active Directory (Microsoft Entra).

Secret ID

Enter the secret ID to access the configured application that is created in Azure Active Directory (Microsoft Entra).
NOTE: If not specified, the last provided Secret ID will be used. To change it, enter a new Secret ID.

Tenant ID

Enter the tenant ID in which your application is created.

Scope

Enter the scope URL to get the specific permissions for the users.
NOTE: The .default scope is used to refer generically to a resource service (API) in a request, without identifying specific permissions. For more information, refer to Microsoft documentation.

Group Filter

Enter the details of group filters (if any).

User Filter

Enter the details of user filters (if any).

Import User As

Select the role from the list to assign to the imported user.

NOTE: Users imported previously have been assigned the Administrator role.

Show sync and timeout settings

Click to specify the sync and timeout settings:

  • Users Group Sync Level: Specify the sync level for the user group from:

    • Bootup: The system searches for changes at every bootup and syncs the users with the LDAP directory.

    • Incremental: The system searches for changes whenever new data comes in and syncs the users with the LDAP directory.

    • Never: The system does not sync user information from the LDAP directory.

  • Group Import Type: Select the default role for all users being imported from the LDAP.

  • Timeout: Specify the timeout interval (in seconds) for reading data from LDAP.

  • Connection Timeout: Specify the timeout interval (in seconds) for connecting to the LDAP directory.

  • Custom Attributes: If needed, add custom attributes for users being imported from LDAP.


...