LDAP (Username/Password)

Scenario

In this scenario, we will append the default installation with a username and password authenticator against a LDAP-directory.

Prerequisite

• This use case assumes that you have good knowledge of the product in question.

• Fortified ID Access installed and configured with the default configuration

• LDAP directory. Knowledge about the LDAP directory to be used, such as:

  • Hostname

  • Port

  • Service account / password

  • Location of the users to authenticate.

Install and prepare configuration

1. Download

2. Add files and folders from ZIP-file to the config-folder, ex: C:\Program Files\FortifiedID\mgmt-center\data\customer\access\config

3. Optional: Adjust the LDAPSearch to match your requirement. The default query will find users based on their sAMAccountName.

4. Append you globals with the following parameters and adjust them according to you needs

{
    "ldap1_name": "ad1",
    "ldap1_host": "ldapserver.company.local",
    "ldap1_port": 636,
    "ldap1_use_ssl": true,
    "ldap1_ssl_trust_all": true,
    "ldap1_base_dn": "dc=company,dc=local",
    "ldap1_bind_dn": "CN=admin,CN=Users,DC=company,DC=local",
    "ldap1_bind_password": "top_secret_password"
}

1. Append the translations file with the following translation

{
    "uid_pwd_ldap_label": "Username & Password - LDAP"
}

1. Append the selector with at reference to the new authenticator by appending this block to the default selector

{
    "id": "5",
    "target": "uid_pwd_ldap",
    "label": "uid_pwd_ldap_label"
}

1. Restart the Access service

Test the configuration

2. The selector should now be displayed, including the new option for "Username and Password - LDAP".

3. Select "Username and Password - LDAP" and authenticate using the configured username (default sAMAccountName) and password.

4. You should now be redirected to the selected application or the Fortified ID test application.