LDAP Authentication Overview
LDAP users can log in to Paragon Automation using their LDAP credentials. You can use Active Directory installed on Windows Server 2012 R2 or OpenLDAP version 2.4 for implementing LDAP in Paragon Automation. To facilitate authentication by LDAP. Paragon Automation maps the LDAP user groups to user groups created within Paragon Automation.
A typical workflow of LDAP-based authentication involves the following steps:
-
An LDAP administrator configures LDAP group in an external server and adds users to the LDAP group.
-
The Paragon Automation administrator configures LDAP settings (for example, LDAP server address, SSL certificate, port number to be used to connect with the LDAP server for SSL communication, and so on) in Paragon Automation; see Configure LDAP Settings.
-
The Paragon Automation administrator adds a user group for LDAP users in Paragon Automation and then:
Note:The Paragon Automation administrator may or may not be the same as the LDAP administrator.
-
maps the user group to the LDAP user group.
Note:The value of the Mapping Provider Group attribute should be the same in both Paragon Automation and LDAP server.
-
assigns roles to the user group for authorization.
-
assigns users to that user group.
See Add User Groups.
-
When an LDAP user logs in to Paragon Automation by using their LDAP credentials, Paragon Automation sends a request for authenticating the user to the LDAP server. After the LDAP server successfully authenticates the user, Paragon Automation enforces access control on the user based on the roles that the Paragon Automation administrator previously assigned for the user group.