[LDAP Authentication] I need to implement AD in my espace.

[LDAP Authentication] I need to implement AD in my espace.

  
Forge Component
(0)
Published on 2017-12-10 by Vijay Malviya
0 votes
Published on 2017-12-10 by Vijay Malviya

I need to implement AD in my espace. I have Users (User Provider) in my project.

I am novice and would need to help to understand the steps to implement AD?

Hi Saswata,

What is your use case? What help you need?

Thanks and Regards,

Suraj Borade

Suraj Borade wrote:

Hi Saswata,

What is your use case? What help you need?

Thanks and Regards,

Suraj Borade

Hi Suraj,

Good Morning!

I have a requirement to implement AD in my project. I am a .net programmer and very new to this low code platform. Could you please guide me how to start? I have a epace(my project) with Users component/module which is currently used while logging to the application. 

I had seen few articles and someone has suggested to use an Active Directory component from forge and few say just select few dropdowns/checkboxes for AD in the Users module and AD works in Ousystems not sure.

I will be very grateful to you on this. Thanks for the help in advance.


Hi Saswata,

If you just need AD for authentication, no need using Active Directory component from the Forge.

It's already built-in in Users user provider espace.


Just choose Active Directory in the first option, and set default domain, then Save.

You have to make sure that your front-end server also join Active Directory domain, or it will not work.


If you cannot make your front-end server join domain (or any other reasons), you can use LDAP option.

Just set LDAP URL with your AD server IP address or hostname.


A bit of caution though (for others reading this):

This LDAP option was designed to connect to Active Directory only.

You cannot connect to OpenLDAP or something, because it queries Active Directory specific attributes.

I learned this the hard way, until Outsystems Support Team reveal this limitation to me.



There is also another way to do this programmatically (well, still low code).

You can manage dependency, find Authentication module.

Inside you will find server action that can help you authenticating with Active Directory.

You can use either:

- ActiveDirectory_ValidateLogin (need front-end server join AD domain) or

- LDAP_ValidateLogin (allow you to specify ip address/hostname)

- LDAP_Login (I never use this, usually ValidateLogin was enough for my use case)


Hope it help...