Skip to content

Single Sign-On using Active Directory/LDAP

About LDAP authentication

When the user tries to login to MiaRec web portal, his/her login and password is verified on LDAP server. If login and password are accepted by LDAP server, then the user is allowed to login to MiaRec web portal.

Such feature allows to manage users' passwords in one location only (on your LDAP server). MiaRec doesn't store user's passwords in own database in this scenario. If the user's password is changed on LDAP server, then MiaRec will automatically accept such new password during login phase. Also, when a user account is removed/deactivated in LDAP server, then such user will not be able to login to MiaRec web-portal too.

Info

Please, note, MiaRec doesn't accept automatically login from any LDAP user in your system. It is required that user account has been previously created in MiaRec and appropriate access permissions have been granted to the user. On the user's profile page, the administrator may specify whether the user's password should be stored locally (in encrypted one-way hash form) or LDAP authentication is enabled for such user.

Configure LDAP-based user authentication

To configure the LDAP-based user authentication:

  1. Navigate to Administration > User Authentication > Active Directory/ LDAP.

  2. Click Edit Configuraiton.

    Configure LDAP-based user authentication

  3. Fill in the following fields:

    LDAP Settings

  4. Enable - select this check box to enable LDAP-based user authentication.

  5. LDAP host - specify the Hostname or IP address of the LDAP server.
  6. LDAP port - specify the port of the LDAP server.Usually 389 for non-SSL connection and 636 for SSL.
  7. Use SSL - select this check box to enforce SSL connection. Recommended.

  8. LDAP domain - specify the LDAP domain name. LDAP domain should be in Windows format (DOMAIN\username) rather than UPN format (username@domain.local).

  9. Optionally, under the Test Connection Settings section, you can test if the connection to the LDAP server is working by specifying the credentials to a test LDAP user account and clicking Test a Connection.

  10. Save your settings.

After that, on each user's profile you need to change Authentication type to LDAP.

Change authentication type

Make sure to save your changes again.