LDAP (Lightweight Directory Access Protocol) is an application protocol used to access authentication data of users or user groups stored on LDAP directory servers when authenticating users. Zephyr supports user authentication via LDAP.

Okta is a cloud identity management system used to access both cloud and on-premises applications.

If your organization uses Okta for LDAP authentication, you can configure Zephyr Enterprise to allow Okta users to access it (for information on how to configure Okta single sign-on, see SSO Setup with Okta in Zephyr).

The image below demonstrates the authentication procedure:

...

...

Prerequisites

  • You need to have an Okta account.

  • Users must exist in your LDAP directory.

Configure Zephyr

To configure Zephyr to work with Okta:

...

| Setting | Value | Example |
|---|---|---|
| Select Directory | Apache Directory Server 1.0.x | |
| LDAP Host | The host name of the LDAP server you access through Okta: <org_subdomain>.ldap.<domain>.com, where <domain> is either oktapreview, okta, or okta-emea. | ldaps://xyz.ldap.okta.com |
| Base DN | The root location where the application will start searching for users and groups: [<ou=users or groups>],<dc=org_subdomain>,dc=<domain>,dc=com, where <domain> is either oktapreview, okta, or okta-emea. | dc=xyz,dc=okta,dc=com |
| Search Attribute | uid. The search attribute to use when loading the username. uid means user ID. | uid |
| Bind DN | The distinguished name used to connect to the LDAP server: uid=<username>,<dc=org_subdomain>,dc=<domain>,dc=com, where <domain> is either oktapreview, okta, or okta-emea. Note: Must be an admin, but can be a Read-Only admin. | uid=abc,dc=xyz,dc=okta,dc=com |
| Bind Password | The admin user’s password used to connect to the LDAP server. | password |
| Username | The username of the sample user used to test authentication. | abc@xyz.com |
| Password | The password of the sample user used to test authentication. | password |
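A pre-flight check for the LDAP Host, Base DN and Bind DN fields described in the table above, added here as an example; it is not part of the Zephyr or Okta documentation. The helper names `parse_dn` and `check_settings` are hypothetical, and requiring the `ldaps://` scheme is this example's assumed policy, taken from the scheme in the page's example value.

```python
import re

# The three <domain> values the page lists.
OKTA_DOMAINS = {"oktapreview", "okta", "okta-emea"}
HOST_RE = re.compile(
    r"^(?P<scheme>ldaps?)://(?P<org>[a-z0-9-]+)\.ldap\.(?P<domain>[a-z0-9-]+)\.com$")

def parse_dn(dn):
    """Split a simple DN into lower-cased (attribute, value) pairs.
    Escaped commas and multi-valued RDNs are out of scope for this layout."""
    pairs = []
    for rdn in dn.split(","):
        attr, sep, value = (part.strip().lower() for part in rdn.partition("="))
        if not (attr and sep and value):
            raise ValueError(f"malformed RDN {rdn.strip()!r}")
        pairs.append((attr, value))
    return pairs

def check_settings(host, base_dn, bind_dn):
    """Return a list of problems (hypothetical helper); [] means the fields agree."""
    m = HOST_RE.match(host.strip().lower())
    if not m:
        return ["LDAP Host is not <scheme>://<org_subdomain>.ldap.<domain>.com"]
    problems = []
    if m["scheme"] != "ldaps":
        # Assumed policy: without TLS the Bind Password is sent in clear text.
        problems.append("LDAP Host does not use ldaps://")
    if m["domain"] not in OKTA_DOMAINS:
        problems.append(f"<domain> {m['domain']!r} is not oktapreview, okta or okta-emea")
    suffix = [("dc", m["org"]), ("dc", m["domain"]), ("dc", "com")]
    try:
        base, bind = parse_dn(base_dn), parse_dn(bind_dn)
    except ValueError as exc:
        return problems + [str(exc)]
    if base[-3:] != suffix:
        problems.append("Base DN suffix does not match the LDAP Host")
    if base[:-3] not in ([], [("ou", "users")], [("ou", "groups")]):
        problems.append("Base DN prefix is not ou=users or ou=groups")
    if bind[0][0] != "uid" or bind[1:] != suffix:
        problems.append("Bind DN is not uid=<username> under the same suffix")
    return problems

# Values from the page's Example column.
PAGE_EXAMPLE = ("ldaps://xyz.ldap.okta.com", "dc=xyz,dc=okta,dc=com",
                "uid=abc,dc=xyz,dc=okta,dc=com")
# Constructed misconfiguration: plain ldap:// and a Base DN from another domain.
MISMATCHED = ("ldap://xyz.ldap.okta.com", "ou=users, dc=xyz, dc=oktapreview, dc=com",
              "uid=abc,dc=xyz,dc=okta,dc=com")

if __name__ == "__main__":
    for label, cfg in (("page example", PAGE_EXAMPLE), ("mismatched", MISMATCHED)):
        print(label, check_settings(*cfg) or "OK")
```
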

...

When you select Apache Directory Server 1.0.x in the Select Directory field, Zephyr will show advanced settings. All the fields of these settings are populated automatically.

Populate the fields using the values listed in the table below:

| Setting | Value |
|---|---|
| Search Attribute | uid |
| User Object class | inetOrgPerson |
| User Object Filter | (objectClass=inetOrgPerson) |
| User First Name Attribute | givenName |
| User Last Name Attribute | sn |
| User Email Attribute | email |
| Group Object Class | groupofUniqueNames |
| Group Object Filter | (objectClass=groupOfUniqueNames) |
| Group Name Attribute | cn |
| Group Description Attribute | description |
| Group Members Attribute | uniqueMember |
| User Members Attribute | memberOf |

...

Note

memberOf is not an indexed value. Using memberOf will result in slow search time.

54. Click Save to apply the changes.

...