Versions Compared

Old Version 21

changes.mady.by.user Kevin Pham (Deactivated)

Saved on

compared with

New Version 22

changes.mady.by.user Kevin Pham (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Secondary Authentication: If LDAP/Crowd/Webservice/SSO is being used for primary authentication and certain temporary/migrant/external users that are not in those systems need access to Zephyr, the secondary authentication option can be turned on to allow that.

Warning

Please note that this process is only for authentication and not for synchronizing user information with these systems. After completing authentication, you may import Groups by following the instructions in Group Setup.

...


 

Anchor
LDAP
LDAP
2. LDAP
 
If your organization is using an LDAP server for authentication, the Zephyr Server can be setup to authenticate users using LDAP.
Image Removed
 

When setting up your LDAP connection, we provide you with an option to connecting without requiring the BindDN and BindPassword. To connect to LDAP without requiring this information, simply enable the Anonymous Bind feature when setting up LDAP.

  • Anonymous Bind is essentially an LDAP server function that allows the client to connect and search the directory (bind and search) without requiring the BindDN and BindPassword.
  • To use Anonymous Bind, click on the checkbox to ensure it is enabled during the LDAP connection setup process.


Image Added
 

Below the 'Connection Info' section there will be a place to test the connections and LDAP credentials used. This is useful for a quick check to see if everything is working. The username and password here can be a user in your directory that you wish to log on the Zephyr system with. Once the information is correct you can click the 'Test' button and if everything goes correctly, you should see a 'Validation Successful!' popup. Otherwise, start troubleshooting the setup.

LDAP Required Fields

1. What are the required fields for connecting to LDAP?

  • Open DS: LDAP Host, Base DN, and Search Attribute are required.
    • The username and password for users who can authenticate are required.
  • Active Directory: LDAP Host, Base DN, and Search Attribute.
    • The username and password for users who can authenticate are required.

2. Is a unique Organizational Unit needed for Zephyr? (Organization Unit can be - Zephyr)

  • The organizational unit can be any name. It does not necessarily have to be specific to Zephyr.

3. Is Bind DN required?

  • Bind DN is required for Active Directory.
  • Bind DN is not required for Open DS.


...

Anchor
SSO
SSO
5. Single Sign-On (SSO) with SAML 2.0

If your organization is using Single Sign-On (SSO) for authentication, the Zephyr Server can be setup to authenticate with it before allowing users to log into the system.

With SSO setup and enabled, the login flow will redirect you straight to the SSO login page and after entering in the correct credentials, it will directly redirect and log you into Zephyr. This minimizes the amount of steps and redirects to get logged into Zephyr.

Zephyr has provided an Auto-Provisioning option when setting up your SSO.

...

into

...

Zephyr.

  • To enable this, you must provide the SAML attributes from your external SSO system with the Zephyr attributes to creating the mapping so that Zephyr can create the users automatically.

See below for the configuration fields required for setting up SSO:


Image Removed Image Added

An example with setting up Okta in Zephyr, please refer to SSO Setup with Okta in Zephyr.

...