Agility Sync LDAP/Active Directory Configuration
This topic explains how to configure LDAP or Active Directory for user authentication in Agility Sync.
Overview
This article describes the process of setting up Continuum user authentication with LDAP or Active Directory.
Agility Sync Application Authentication
Agility Sync supports two forms of user authentication: local authentication or Active Directory/LDAP. With local user authentication, the user IDs and passwords are stored in the Agility Sync database (passwords encrypted). When a user attempts to log in to Agility Sync with a local account, the password provided is compared to the password in the Agility Sync database.
If the user is an LDAP/AD user account, the user ID and password provided are submitted using LDAP to the directory service, which determines whether the account can log in. These LDAP/AD accounts must be predefined in Agility Sync, but the password is not stored in Agility Sync or logged in any way.
Point Configuration to LDAP/AD
Log in to the Agility Sync user interface as a user with administrator access. Using the menu on the right, navigate to Administration, Manage Settings. In the top menu, select Settings, then System on the left tab.
There are three settings that may need to be modified: LDAP/AD Port, LDAP/AD Server, and LDAP/AD SSL. The Server setting is the only required setting. If Port is not changed, Agility Sync will use the default ports for LDAP/AD. If SSL is not changed, Agility Sync will not use SSL.
The LDAP/AD Server setting should be the FQDN or IP address of the Active Directory or LDAP service. Click the "+" plus sign on the row of the setting and enter the server address. Do the same for the Port and SSL settings if needed. The SSL setting is a checkbox.
When you have finished making the changes, click the blue "Save" button in the upper right corner. This settings page DOES NOT auto-save.
You must restart the Agility Sync user interface web server using the following command:
ctm-restart ctm-ui
Create a Test Account
Log in to the Agility Sync user interface using an administrator account. In the upper right menu, select Administration, Manage Settings. In the top menu select Users.
Create a new user account and fill in the values for Login ID, Full Name and Email Address. The Login ID can take either of the following two forms:
userid@domain.example.com
Or
domain\userid
Change Authentication Type to ldap and save the user account.
From the upper right menu, select Log Out. Log back in using the new user account to verify that LDAP / AD authentication is working properly.
Troubleshooting
If there are problems connecting to LDAP / AD, the specific errors appear in the following log on the Agility Sync server:
/var/continuum/log/ctm_ui.log
Typical issues consist of wrong LDAP server address, wrong port (default is 389), network connectivity, and so on.
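The typical issues listed above can be told apart from the Agility Sync server before reading the log. The following is an added example, not part of the Agility Sync product or its documentation: the function name, the status strings and the hints are hypothetical, and the use of port 636 when SSL is checked is an assumption based on the standard LDAPS port.

```python
import socket
import ssl

# Maps each outcome to the setting or cause named on this page.
HINTS = {
    "ok": "Server, Port and SSL settings are reachable as configured",
    "dns_failure": "check the LDAP/AD Server value (name does not resolve)",
    "connection_refused": "check the LDAP/AD Port value (nothing is listening)",
    "timeout": "check network connectivity or firewalls between the hosts",
    "tls_failure": "check LDAP/AD SSL against the port, and the certificate",
    "network_error": "check routing and network connectivity",
}


def check_ldap_endpoint(server, port=None, use_ssl=False, timeout=5.0):
    """Return a HINTS key describing whether the directory endpoint answers."""
    if port is None:
        # 389 is the default given on this page; 636 is the standard LDAPS
        # port (assumption: Agility Sync uses it when SSL is checked).
        port = 636 if use_ssl else 389
    sock = None
    try:
        # Resolves the name and tries each returned address in turn.
        sock = socket.create_connection((server, port), timeout=timeout)
        if use_ssl:
            # Verifies the certificate against this host's trust store, which
            # may differ from what Agility Sync itself checks (assumption).
            ctx = ssl.create_default_context()
            with ctx.wrap_socket(sock, server_hostname=server):
                pass  # the TLS handshake completes inside wrap_socket
        return "ok"
    except socket.gaierror:
        return "dns_failure"
    except ConnectionRefusedError:
        return "connection_refused"
    except socket.timeout:
        return "timeout"
    except ssl.SSLError:
        return "tls_failure"
    except OSError:
        return "network_error"
    finally:
        if sock is not None:
            sock.close()


if __name__ == "__main__":
    import sys
    status = check_ldap_endpoint(sys.argv[1], use_ssl="--ssl" in sys.argv)
    print(status, "-", HINTS[status])
```

Run it with the same server value entered in the LDAP/AD Server setting, adding `--ssl` only if the SSL checkbox is set.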