Sample External Directory Configurations
In appliances, external directory servers such as Active Directory (AD) or Oracle Directory Server Enterprise Edition (ODSEE) use the OpenLDAP protocol to authenticate users. The following sections describe the parameters that you must configure to connect to an external directory.
Sample AD configuration
The following example describes the parameters for setting up an AD connection.
LDAP Uri: ldap://192.257.50.10:389
Base DN: dc=sherwood,dc=com
Bind DN: administrator@sherwood.com
Bind Password: <Password for the Bind User>
StartTLS Method: Yes
Verify Peer: Yes
LDAP Filter: sAMAccountName
Same usernames across multiple ADs
If the same usernames exist across multiple ADs, it is recommended to use an LDAP Filter such as UserPrincipalName to authenticate users.
Sample ODSEE configuration
The following example describes the parameters for setting up an ODSEE connection.
Protegrity appliances support ODSEE v11.1.1.7.0.
LDAP Uri: ldap://192.257.50.10:389
Base DN: dc=sherwood,dc=com
Bind DN: cn=Directory Manager or cn=admin,cn=Administrators,cn=config
Bind Password: <Password for the Bind User>
StartTLS Method: Yes
Verify Peer: Yes
LDAP Filter: User attributes such as uid, cn, sn, and so on.
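The following pre-flight check for the AD and ODSEE parameters above is an added example, not part of the appliance or its documentation. It assumes that Verify Peer controls validation of the directory server's certificate, that the bind is a simple bind, and that the LDAP Filter attribute is matched against the login name as `(<attribute>=<login>)`. The function names and sample values are constructed for illustration.

```python
from urllib.parse import urlparse

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a login name so it cannot alter the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_user_filter(attribute, login):
    """Assumed lookup form: (<LDAP Filter attribute>=<login name>)."""
    if not attribute.replace("-", "").isalnum():
        raise ValueError("LDAP Filter must be a plain attribute name")
    return "({}={})".format(attribute, escape_filter_value(login))

def lint_settings(cfg):
    """Return a list of findings for one set of connection parameters."""
    findings = []
    scheme = urlparse(cfg.get("LDAP Uri", "")).scheme
    starttls = cfg.get("StartTLS Method") == "Yes"
    if scheme not in ("ldap", "ldaps"):
        findings.append("LDAP Uri must use ldap:// or ldaps://")
    if scheme == "ldap" and not starttls:
        findings.append("simple bind over ldap:// without StartTLS "
                        "sends the Bind Password in cleartext")
    if scheme == "ldaps" and starttls:
        findings.append("StartTLS applies to ldap:// only; ldaps:// is already TLS")
    if cfg.get("Verify Peer") != "Yes":
        findings.append("Verify Peer is off: server certificate is not validated")
    if not cfg.get("Base DN"):
        findings.append("Base DN is empty")
    return findings

# Constructed sample values (192.0.2.0/24 is a documentation address range).
SAMPLE_OK = {"LDAP Uri": "ldap://192.0.2.10:389", "Base DN": "dc=sherwood,dc=com",
             "StartTLS Method": "Yes", "Verify Peer": "Yes",
             "LDAP Filter": "sAMAccountName"}
SAMPLE_WEAK = dict(SAMPLE_OK, **{"StartTLS Method": "No", "Verify Peer": "No"})

if __name__ == "__main__":
    for name, cfg in (("ok", SAMPLE_OK), ("weak", SAMPLE_WEAK)):
        print(name, lint_settings(cfg) or "no findings")
    print(build_user_filter(SAMPLE_OK["LDAP Filter"], "jd*(ops)"))
```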
Sample SAML Configuration
The following example describes the parameters for setting up a SAML connection.
SAML Single Sign-On:
Enable: Yes
Access User Management Screen: No
Service Provider (SP) Settings:
FQDN: appliancefqdn.com
Entity ID: e595ce43-c50a-4fd2-a3ef-5a4d93a602ae
Identity Provider (IdP) Settings:
Metadata Settings: Metadata URL
Sample SAML File: FQDN_EntityID_Metadata_user_credentials 1.csv
Sample Content of the SAML File:
Sample Kerberos Configuration
The following example describes the parameters for setting up a Kerberos connection. The Kerberos for Single Sign-On uses Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO).
Kerberos for Single Sign-On using SPNEGO:
Enable: Yes
Service Principal Name: HTTP/<username>.esatestad.com@ESATESTAD.COM
Sample Keytab File: <username> 1.keytab
Sample Azure AD Configuration
The following example describes the parameters for setting up an Azure AD connection.
Azure AD Settings: Enabled
Tenant ID: 3d45143b-6c92-446a-814b-ead9ab5c5e0b
Client ID: a1204385-00eb-44d4-b352-e4db25a55c52
Auth Type: Secret
Client Secret: xxxx