Sample External Directory Configurations

In appliances, external directory servers such as Active Directory (AD) or Oracle Directory Server Enterprise Edition (ODSEE) use the OpenLDAP protocol to authenticate users. The following sections describe the parameters that you must configure to connect to an external directory.

Sample AD configuration

The following example describes the parameters for setting up an AD connection.

LDAP Uri: ldap://192.257.50.10:389

Base DN: dc=sherwood,dc=com

Bind DN: administrator@sherwood.com

Bind Password: <Password for the Bind User>

StartTLS Method: Yes

Verify Peer: Yes

LDAP Filter: sAMAccountName

Same usernames across multiple ADs

If the same usernames exist across multiple ADs, it is recommended to use an LDAP Filter such as UserPrincipalName to authenticate users.

Sample ODSEE configuration

The following example describes the parameters for setting up an ODSEE connection.

Protegrity appliances support ODSEE v11.1.1.7.0

LDAP Uri: ldap://192.257.50.10:389

Base DN: dc=sherwood,dc=com

Bind DN: cn=Directory Manager or cn=admin,cn=Administrators,cn=config

Bind Password: <Password for the Bind User>

StartTLS Method: Yes

Verify Peer: Yes

LDAP Filter: User attributes such as uid, cn, sn, and so on.
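
The AD and ODSEE samples above both use ldap:// on port 389 with StartTLS Method and Verify Peer set to Yes. The following check is an added example, not part of the product or its documentation; it shows what each of those two settings protects. It assumes the appliance performs a simple bind with the Bind DN and Bind Password, and the function names and the 192.0.2.10 address are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed settings in the page's "Key: Value" layout; 192.0.2.10 is a
# documentation address (RFC 5737), not a value taken from the page.
HARDENED = """\
LDAP Uri: ldap://192.0.2.10:389
Base DN: dc=sherwood,dc=com
Bind DN: administrator@sherwood.com
StartTLS Method: Yes
Verify Peer: Yes
LDAP Filter: sAMAccountName
"""
WEAK = HARDENED.replace("StartTLS Method: Yes", "StartTLS Method: No")
UNVERIFIED = HARDENED.replace("Verify Peer: Yes", "Verify Peer: No")


def parse_settings(text):
    """Turn 'Key: Value' lines into a dict, splitting on the first ': ' only."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.partition(": ")
        if sep:
            settings[key.strip()] = value.strip()
    return settings


def audit_transport(settings):
    """Return findings about how the bind password travels to the directory."""
    findings = []
    uri = urlsplit(settings.get("LDAP Uri", ""))
    starttls = settings.get("StartTLS Method", "No").lower() == "yes"
    verify = settings.get("Verify Peer", "No").lower() == "yes"
    tls_in_use = starttls or uri.scheme == "ldaps"  # ldaps:// is implicit TLS

    if uri.scheme not in ("ldap", "ldaps"):
        findings.append("LDAP Uri must use the ldap:// or ldaps:// scheme")
    elif not tls_in_use:
        # Assumption: simple bind, so the password is sent as-is on the wire.
        findings.append("ldap:// without StartTLS sends the bind password in cleartext")
    if tls_in_use and not verify:
        findings.append("TLS without Verify Peer accepts any certificate, "
                        "so the directory server is not authenticated")
    return findings
```
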

Sample SAML Configuration

The following example describes the parameters for setting up a SAML connection.

SAML Single Sign-On:

  • Enable: Yes

  • Access User Management Screen: No

Service Provider (SP) Settings:

  • FQDN: appliancefqdn.com

  • Entity ID: e595ce43-c50a-4fd2-a3ef-5a4d93a602ae

Identity Provider (IdP) Settings:

Sample Content of the SAML File:

Sample Kerberos Configuration

The following example describes the parameters for setting up a Kerberos connection. The Kerberos for Single Sign-On uses Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO).

Kerberos for Single Sign-On using (Spnego):

  • Enable: Yes

  • Service Principal Name: HTTP/<username>.esatestad.com@ESATESTAD.COM

  • Sample Keytab File: <username> 1.keytab

Sample Azure AD Configuration

The following example describes the parameters for setting up an Azure AD connection.

Azure AD Settings: Enabled

Tenant ID: 3d45143b-6c92-446a-814b-ead9ab5c5e0b

Client ID: a1204385-00eb-44d4-b352-e4db25a55c52

Auth Type: Secret

Client Secret: xxxx