Directory Connection - Setup Overview
Integrating with Active Directory / LDAP server allows Password Server to use the same users and security groups that your organization is already familiar with, and has previously configured in your User Directory.
Summary: This integration is powerful and allows new users to have password access, based on existing security groups, at the time they first sign-in.
Administrators will configure who can login to Password Server, by simply setting up a LDAP/AD Security Group for Password Server Users. Then when any of these users attempt to login, all of the following items can happen automatically:
- Their user credentials are verified on the AD/LDAP server
- Their account gets created in Password Server
- Their roles in Password Server are synced with the same security groups from AD/LDAP,
- The user has access to only the passwords they need.
Here is a basic overview of setting up a connection to your Active Directory / LDAP directory.
Step 1: Create a Directory Connection
- Add a User Directory connection
- Configure the connection user
- Configure the options
- Configure the scope of the connection
- Option A) Set the Base Distinguished Name
- Option B) Filter on Group Membership
- (Optionally) Set the User Relative & Group Relative DN's
Click "Test the connection" button
Step 2: Import the Security Groups
- Import the Security Groups you wish to bring into Password Server, which can be given access to folders/entries. Note: that by filtering by Group Membership can simplify finding roles.