Applies to: Kyvos Enterprise, Kyvos Cloud (SaaS on AWS), Kyvos AWS Marketplace
...
For this, click the cluster name > Security > Kyvos Authentication on the navigation pane.
Select the Authentication Type as Remote Authentication.
From the AuthenticationSystem list, select the LDAP option.
Enter the details according to your Directory Type.
Active Directory

Enter details as:

| Settings | Parameter/Field | Comments/Description |
|---|---|---|
| Basic Settings | Alias | Specify a unique alias name for the LDAP account. |
| | Directory Type | Select the Azure Active Directory option from the list. |
| | Client ID | Enter the Client ID for the Azure AD. It is the unique identifier for your registered Azure AD application. Enter the value of the Application (client) ID for the app you registered in Azure AD. |
| | Secret ID | Enter the Client Secret. The client secret is created while registering your application to Azure AD. |
| Schema Settings | Tenant ID | Enter the Tenant ID, which is the ID of the Azure Active Directory in which you created the application. To find your Tenant ID, click Azure Active Directory > Properties > Directory ID in the Azure portal. An AAD tenant is required for defining an application and for assigning permissions so the application can make use of other Azure services' REST APIs. |
| | Scope | The scope defines the resource access permissions. The default value is /.default. |
| | Group Filter | Enter the details of group filters (if any). Example: For Azure AD displayName eq 'Platform' or displayName eq 'RS' |
| | User Filter | Enter the details of user filters (if any). Example: For Azure AD memberofgroups(displayName eq 'Platform' or displayName eq 'RS') |
| Advanced Settings | Import Users As | Select the user role from the list. |
| | Group Import Type | Select the Default or Flat option. The Flat option allows importing of nested groups from Azure AD, such that all the members of the nested groups can be mapped to the parent group configured in Kyvos without importing the groups. |
| | User Group Sync Level | Select the user sync level. |
| | Timeout | Enter the search timeout interval in seconds. |
| | Connection Timeout | Enter the connection timeout interval in seconds. |

Microsoft Active Directory

Enter details as:

| Settings | Parameter/Field | Comments/Description |
|---|---|---|
| Basic Settings | Alias | Specify a unique alias name for the LDAP account. |
| | Referral Mode | Select the mode for the service providers to indicate how to handle referrals. Ignore: Ignore referrals. Follow: Automatically follow any referrals. Throw: Throw a Referral Exception error for each referral. |
| | Directory Type | Select the Microsoft Active Directory option from the list. |
| | Host Name | Enter the hostname or IP address of the authentication directory server. |
| | Use SSL | Select this check box if SSL is configured. You will have to upload the SSL certificate for this. |
| | SSL Certificate | Upload the SSL certificate file for use with the authentication directory. |
| | Port | Enter the port on which the directory server is listening. |
| | User DN | Enter a unique name for the user that the application will use when connecting to the directory server. For example, cn=user,dc=domain,dc=name for user@domain.name. |
| | Password | Enter the password for the user. |
| Schema Settings | Base DN | Enter the name that the application will use when connecting to the directory server. If you are searching for users in the Admin department of example.com, then the Base DN would be dc=example,dc=com, and the User DN would be cn=admin,dc=example,dc=com. If you have a group within admin called ITadmin, then the User DN would be cn=admin,ou=ITadmin,dc=example,dc=com. |
| | Additional Group DN | Enter the additional group DN details (if any). |
| | Additional User DN | Enter the additional user DN details (if any). |
| | Group Filter | Enter the details of group filters (if any). Example: For LDAP (&(objectCategory=Group)((cn=SUPPORT))) |
| | User Filter | Enter the details of user filters (if any). Example: For LDAP (memberOf= CN=SUPPORT,CN=Users,DC=kyvostest,DC=com) |
| Advanced Settings | Import Users As | Select the user role from the list. |
| | User Group Sync Level | Select the user sync level. |
| | Read Timeout | Enter the read timeout interval in seconds. |
| | Search Timeout | Enter the search timeout interval in seconds. |
| | Connection Timeout | Enter the connection timeout interval in seconds. |

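
A syntax pre-check for Group Filter and User Filter values before they are saved, added here as an illustration and not part of Kyvos or its documentation; check_filter and the constant names are hypothetical, and the third filter is a constructed sample. It applies the RFC 4515 filter grammar and flags the group filter as printed on this page, where (cn=SUPPORT) sits inside a parenthesis that has no &, | or ! operator.

```python
import re

# Attribute description (RFC 4512): short name with optional ;options, or a numeric OID.
_ATTR = r"(?:[A-Za-z][A-Za-z0-9-]*(?:;[A-Za-z0-9-]+)*|\d+(?:\.\d+)+)"
# One assertion: attr with =, ~=, >= or <=, or an extensible match (attr:dn:rule:=value).
# Raw parentheses are not allowed in the value; RFC 4515 writes them as \28 and \29.
_ITEM = re.compile(
    rf"(?:{_ATTR}(?:=|~=|>=|<=)|{_ATTR}?(?::dn)?(?::{_ATTR})?:=)[^()]*\Z"
)


def check_filter(text):
    """Return (True, "ok") or (False, reason) for an LDAP search filter string."""
    pos = 0

    def parse():
        nonlocal pos
        if pos >= len(text) or text[pos] != "(":
            raise ValueError(f"offset {pos}: expected '('")
        pos += 1
        if pos < len(text) and text[pos] in "&|!":
            op, pos = text[pos], pos + 1
            children = 0
            while pos < len(text) and text[pos] == "(":
                parse()
                children += 1
            # RFC 4515: & and | take one or more sub-filters, ! takes exactly one.
            if children == 0 or (op == "!" and children != 1):
                raise ValueError(f"offset {pos}: '{op}' has {children} sub-filters")
        else:
            end = pos
            while end < len(text) and text[end] not in "()":
                end += 1
            if not _ITEM.match(text[pos:end]):
                raise ValueError(f"offset {pos}: expected &, |, ! or attr=value")
            pos = end
        if pos >= len(text) or text[pos] != ")":
            raise ValueError(f"offset {pos}: expected ')'")
        pos += 1

    try:
        parse()
        if pos != len(text):
            raise ValueError(f"offset {pos}: text after the closing ')'")
    except ValueError as err:
        return False, str(err)
    return True, "ok"


PAGE_GROUP_FILTER = "(&(objectCategory=Group)((cn=SUPPORT)))"  # as printed on this page
PAGE_USER_FILTER = "(memberOf= CN=SUPPORT,CN=Users,DC=kyvostest,DC=com)"  # as printed
CONSTRUCTED_FILTER = "(&(objectCategory=Group)(|(cn=SUPPORT)(cn=PLATFORM)))"  # constructed
```

The check covers syntax only; whether a filter returns the intended users and groups still has to be confirmed against the directory itself.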
Open DS

| Settings | Parameter/Field | Comments/Description |
|---|---|---|
| Basic Settings | Alias | Specify a unique alias name for the LDAP account. |
| | Referral Mode | Select the mode for the service providers to indicate how to handle referrals. Ignore: Ignore referrals. Follow: Automatically follow any referrals. Throw: Throw a Referral Exception error for each referral. |
| | Directory Type | Select the Open DS option from the list. |
| | Host Name | Enter the hostname or IP address of the authentication directory server. |
| | Use SSL | Select this check box if SSL is configured. You will have to upload the SSL certificate for this. |
| | SSL Certificate | Upload the SSL certificate file for use with the authentication directory. |
| | Port | Enter the port on which the directory server is listening. |
| | User DN | Enter a unique name for the user that the application will use when connecting to the directory server. For example, cn=user,dc=domain,dc=name for user@domain.name. |
| | Password | Enter the password for the user. |
| Schema Settings | Base DN | Enter the name that the application will use when connecting to the directory server. If you are searching for users in the Admin department of example.com, then the Base DN would be dc=example,dc=com, and the User DN would be cn=admin,dc=example,dc=com. If you have a group within admin called ITadmin, then the User DN would be cn=admin,ou=ITadmin,dc=example,dc=com. |
| | Additional Group DN | Enter the additional group DN details (if any). |
| | Additional User DN | Enter the additional user DN details (if any). |
| | Group Filter | Enter the details of group filters (if any). |
| | User Filter | Enter the details of user filters (if any). |
| Advanced Settings | Import Users As | Select the user role from the list. |
| | User Group Sync Level | Select the user sync level. |
| | Read Timeout | Enter the read timeout interval in seconds. |
| | Search Timeout | Enter the search timeout interval in seconds. |
| | Connection Timeout | Enter the connection timeout interval in seconds. |
...