About

LDAP (Lightweight Directory Access Protocol) is an application protocol used to look up authentication data of users or user groups stored on LDAP directory servers when authenticating user access.

Okta is a cloud identity management system used to access both cloud and on-premises applications.

If your organization uses Okta for LDAP authentication, you can configure Zephyr Enterprise for authentication via Okta to allow Okta users to access it.

The image below demonstrates the authentication procedure:

...

...

Configure Zephyr

To configure Zephyr to work with Okta:

1. Log in to Zephyr as an administrator.
2. Go to Administration > Authentication and select LDAP from the Authentication System drop-down menu:

...

3. Fill in the fields. The settings you specify to connect to Okta on this screen vary depending on the application you use. In our example, we use the following connection info:

| Setting | Value | Example |
|---|---|---|
| Select Directory | Apache Directory Server 1.0.x | |
| LDAP Host | The host name of the LDAP server you access through Okta: `<org_subdomain>.ldap.<domain>.com`, where `<domain>` is either oktapreview, okta, or okta-emea. | ldaps://xyz.ldap.okta.com |
| Base DN | The root location where the application will start searching for users and groups: `[<ou=users or groups>],<dc=org_subdomain>,dc=<domain>,dc=com`, where `<domain>` is either oktapreview, okta, or okta-emea. | dc=xyz,dc=okta,dc=com |
| Search Attribute | uid. The search attribute to use when loading the username. uid means user ID. | uid |
| Bind DN | The distinguished name used to connect to the LDAP server: `uid=<username>,<dc=org_subdomain>,dc=<domain>,dc=com`, where `<domain>` is either oktapreview, okta, or okta-emea. Note: Must be an admin, but can be a Read-Only admin. | uid=abc,dc=xyz,dc=okta,dc=com |
| Bind Password | The password of the admin user used to connect to the LDAP server. | password |
| Username | The username of the sample user used to test authentication. | abc@xyz.com |
| Password | The password of the sample user used to test authentication. | password |

...

4. Specify advanced settings. The settings become available once you select Apache Directory Server 1.0.x in the Select Directory field:

...

Populate the fields using the values listed in the table below:

| Setting | Value |
|---|---|
| Search Attribute | uid |
| User Object class | inetOrgPerson |
| User Object Filter | (objectClass=inetOrgPerson) |
| User First Name Attribute | givenName |
| User Last Name Attribute | sn |
| User Email Attribute | email |
| Group Object Class | groupofUniqueNames |
| Group Object Filter | (objectClass=groupOfUniqueNames) |
| Group Name Attribute | cn |
| Group Description Attribute | description |
| Group Members Attribute | uniqueMember |
| User Members Attribute | memberOf |

Note: memberOf is not an indexed value. Using memberOf will result in slow search time.

...

5. Click Save after you populate all the fields to apply the changes.

Now you can connect to Zephyr by using Okta.
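
The following Python helper is an added example, not part of the original page and not Zephyr or Okta code. It derives the LDAP Host, Base DN and Bind DN for an org subdomain in the formats given in step 3, and builds the user lookup filter from the User Object Filter and Search Attribute in step 4, escaping the username so filter metacharacters are matched literally. The function names are hypothetical, and joining the two filter settings with a logical AND is an assumption about how an LDAP client applies them.

```python
import re

# Values from the tables above; all function names here are hypothetical.
OKTA_DOMAINS = ("oktapreview", "okta", "okta-emea")
USER_OBJECT_FILTER = "(objectClass=inetOrgPerson)"
SEARCH_ATTRIBUTE = "uid"
_LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515)."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def escape_dn_value(value):
    """Escape an attribute value for a distinguished name (RFC 4514)."""
    value = re.sub(r'([,+"\\<>;=])', r"\\\1", value).replace("\x00", r"\00")
    if value.endswith(" "):
        value = value[:-1] + "\\ "
    if value[:1] in ("#", " "):
        value = "\\" + value
    return value


def okta_ldap_settings(org_subdomain, domain, bind_user):
    """Build LDAP Host, Base DN and Bind DN in the formats the table gives."""
    if domain not in OKTA_DOMAINS:
        raise ValueError("domain must be one of: " + ", ".join(OKTA_DOMAINS))
    if not _LABEL.fullmatch(org_subdomain):
        raise ValueError("org_subdomain is not a valid DNS label")
    base_dn = "dc=%s,dc=%s,dc=com" % (org_subdomain, domain)
    return {
        # ldaps:// as in the page's example, so the bind password travels over TLS
        "host": "ldaps://%s.ldap.%s.com" % (org_subdomain, domain),
        "base_dn": base_dn,
        "bind_dn": "uid=%s,%s" % (escape_dn_value(bind_user), base_dn),
    }


def user_search_filter(username):
    """Assumed combination: User Object Filter AND Search Attribute=username."""
    return "(&%s(%s=%s))" % (USER_OBJECT_FILTER, SEARCH_ATTRIBUTE,
                             escape_filter_value(username))


if __name__ == "__main__":
    print(okta_ldap_settings("xyz", "okta", "abc"))  # the page's example org
    print(user_search_filter("abc@xyz.com"))
```

Comparing the printed values with what you typed into the Zephyr form catches a mistyped domain or a malformed DN before the test login in step 3.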

See Also

Authentication
SSO Setup with Okta in Zephyr
SSO Setup with Azure AD in Zephyr