"LDAP User/Group Mapping" in LDAP Authentication

  • 21 May 2021
  • 0 replies
  • 247 views

  • Anonymous
  • 0 replies

Generally, LogPoint pulls the User and Group relationship data from the LDAP server that is being used.

Since there is a variation among LDAP server vendors on how the user-group relationship is represented, LogPoint requires data on how this mapping is done.

For instance, in case of Microsoft AD, each user will have an attribute called "memberOf" which contains all the groups the particular user belongs to.

While in case of OpenLDAP, the group will contain the attribute "member" which lists all users belonging to this group.

This  enables us to configure LogPoint depending on how user-group mapping is done on the LDAP server.

For example,

  • If Group in LDAP contains information about its member in a field name "myMembers" then, you need to select the "Group Contains User Info" button and input "myMembers" in the text field.  In the "User Settings" section's "Group Mem attr", you will need to enter the name of the User attribute that the "myMembers" field contains. 
  • If User in LDAP contains information about the group it belongs to in the field "myGroups" then, you need to select the "User Contains Group info"  button and input "myGroups" in the text field.  In the "Group Settings" section's "Mem Group Attr", you will need to enter the name of the Group attribute that is contained by the "myGroups" field of the LDAP User.

0 replies

Be the first to reply!

Reply