The LDAP Authenticator is a utility component which enables users to login to the Iguana application with an organization’s Active Directory credentials using LDAP (Lightweight Directory Access Protocol) for external authentication of users. For use with other directory services, the LDAP Authenticator component will need to be modified.
When a user logs into Iguana through LDAP, Iguana assigns the User a Role Tag corresponding to the Active Directory Group. For example, if in the Active Directory, user John was a member of the groups dev
and support
then in Iguana, John would have the tags #dev
and #support
.
If a Role matching the #tag already exists in Iguana, the defined permissions will be in effect. If a new #tag is assigned, a corresponding Role will need to be created with defined permissions.
Connecting the LDAP Authenticator component to your Active Directory
Prior to setting up the LDAP Authenticator component, you will need to create an Iguana Service account in your Active Directory. Iguana will use this account’s credentials to authenticate the users trying to login using LDAP and update the information of users logged in through LDAP. Please make sure the Iguana Service account has the necessary scope.