Active Directory / LDAP Enterprise Connection
Active Directory / LDAP connections authenticate users directly against your directory. Unlike SAML, there is no browser redirect to an external IdP; AuthAction binds to LDAP and validates credentials.
Prerequisites
- Network path from AuthAction to your LDAP server (firewall rules for LDAP/LDAPS).
- A service account with permission to search the user subtree you care about.
Configuration fields
| Field | Description | Example |
|---|---|---|
| LDAP Server URL | Host and scheme; prefer ldaps:// in production | ldaps://ad.example.com:636 |
| Base DN | Search root for users | dc=example,dc=com |
| Bind DN | DN of the service account | cn=authaction-ldap,ou=service,dc=example,dc=com |
| Bind Password | Service account password (stored encrypted at rest in AuthAction) | |
| Search filter | LDAP filter; {{username}} is replaced at login. Default is often (sAMAccountName={{username}}) | (mail={{username}}) |
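
A pre-flight check for the fields above, as an added example that is not AuthAction code: it flags a non-TLS server URL, malformed DNs, and a filter without the `{{username}}` placeholder, and renders the filter with RFC 4515 escaping so the login name stays a literal value. How AuthAction itself substitutes the placeholder is not stated on this page; the function names, the `cfg` keys and the simplified DN pattern are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit

PLACEHOLDER = "{{username}}"
DN_RE = re.compile(r"\w[\w-]*=[^,]+(,\s*\w[\w-]*=[^,]+)*")

def escape_filter_value(value: str) -> str:
    """Escape the RFC 4515 special characters so the value stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def render_filter(template: str, username: str) -> str:
    """Substitute the login name into the search filter, escaped."""
    if PLACEHOLDER not in template:
        raise ValueError("search filter has no {{username}} placeholder")
    return template.replace(PLACEHOLDER, escape_filter_value(username))

def balanced(text: str) -> bool:
    depth = 0
    for c in text:
        depth += (c == "(") - (c == ")")
        if depth < 0:
            return False
    return depth == 0

def check_connection(cfg: dict) -> list:
    """Return findings for the fields; empty means clean.
    The DN test is a simplified shape check (assumes no escaped commas)."""
    findings = []
    url = urlsplit(cfg["server_url"])
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        findings.append("server URL must be ldap://host or ldaps://host")
    elif url.scheme == "ldap":
        findings.append("ldap:// is not TLS-wrapped; prefer ldaps:// in production")
    for key in ("base_dn", "bind_dn"):
        if not DN_RE.fullmatch(cfg[key].strip()):
            findings.append(key + " does not look like a DN")
    flt = cfg["search_filter"]
    if PLACEHOLDER not in flt:
        findings.append("search filter has no {{username}} placeholder")
    if not (flt.startswith("(") and flt.endswith(")") and balanced(flt)):
        findings.append("search filter parentheses are not balanced")
    return findings

# Constructed sample: the example values from the configuration table.
SAMPLE = {"server_url": "ldaps://ad.example.com:636", "base_dn": "dc=example,dc=com",
          "bind_dn": "cn=authaction-ldap,ou=service,dc=example,dc=com",
          "search_filter": "(mail={{username}})"}
if __name__ == "__main__":
    print(check_connection(SAMPLE), render_filter(SAMPLE["search_filter"], "jane*"))
```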
Step 1: Prepare Active Directory
- Create a dedicated service account with read access to user objects under your Base DN.
- Confirm LDAPS (port 636) or LDAP (port 389) is reachable from AuthAction’s environment according to your security policy.
Step 2: Configure in AuthAction
- Open Connections > Enterprise Connections.
- Select Active Directory / LDAP.
- Enter LDAP Server URL, Base DN, Bind DN, and Bind Password.
- Adjust the search filter if users log in with email instead of sAMAccountName.
- Save.
Step 3: Enable and test
- Enable the LDAP enterprise connection for the relevant applications.
- Sign in using a directory username (or email, depending on your filter) and password.