LDAP
Configure the required fields to connect to your LDAP server.
- Port. The default port is 389 when SSL is disabled and 636 when SSL is enabled.
- User name (optional). This admin user name is used to bind to the LDAP server for each query.
- Base DN. This should be a root node in the LDAP server under which to search for LDAP users and groups.
- Default role. This is the role that a user will take if the role group mapping (below) fails. If the user's group attribute is found and can be mapped to a role, the default role is not used. If no matching group attribute is found, the default role is taken. If the default role is None in this case, the user login will fail. The "test connection" button checks whether a username/password can be authenticated by the configured LDAP server.
- Admin and Reader role map. This defines how to map a user's LDAP group membership to the user role in NeuVector. Add the LDAP group list to the corresponding roles. When looking up a user's group membership in the LDAP schema, the group's member attribute is assumed to be named "memberUid".
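
The group lookup and default-role fallback described in the list above, modelled as an added example (not NeuVector's code) so the effect of the "memberUid" assumption can be checked against a directory layout. The group names, users, in-memory entries and the admin-before-reader ordering are assumptions made for illustration.

```python
# Added example, not NeuVector code. Directory entries below are constructed.
GROUPS = [
    {"cn": "nv-admins", "objectClass": "posixGroup", "memberUid": ["alice"]},
    {"cn": "nv-readers", "objectClass": "posixGroup", "memberUid": ["alice", "bob"]},
    # groupOfNames keeps full DNs in "member" and has no memberUid values.
    {"cn": "sec-team", "objectClass": "groupOfNames",
     "member": ["uid=carol,ou=people,dc=example,dc=com"]},
]

# Hypothetical mapping; checking admin before reader is an assumption.
ROLE_MAP = {"admin": ["nv-admins", "sec-team"], "reader": ["nv-readers"]}


def groups_for(username, entries):
    """Names of the groups whose memberUid attribute lists this user."""
    return {e["cn"] for e in entries if username in e.get("memberUid", [])}


def resolve_role(username, entries, role_map, default_role):
    """Return (role, source): source is 'group', 'default' or 'denied'."""
    member_of = groups_for(username, entries)
    for role, mapped_groups in role_map.items():
        if member_of.intersection(mapped_groups):
            return role, "group"
    if default_role is None:          # models a default role of None
        return None, "denied"         # login fails
    return default_role, "default"    # no group matched: fallback applies


def audit(users, entries, role_map, default_role):
    """Users whose role comes only from the default, worth reviewing."""
    return sorted(u for u in users
                  if resolve_role(u, entries, role_map, default_role)[1] == "default")


if __name__ == "__main__":
    for user in ("alice", "bob", "carol"):
        print(user, resolve_role(user, GROUPS, ROLE_MAP, "reader"))
    print("default-only:", audit(["alice", "bob", "carol"], GROUPS, ROLE_MAP, "reader"))
```

Here carol belongs to a group that is mapped to admin, but because that group lists her under "member" rather than "memberUid" the mapping does not match and she receives the default role, or is denied when the default role is None.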
Mapping Groups to Roles and Namespaces
Please see the Users and Roles section for how to map groups to preset and custom roles as well as namespaces in NeuVector.