LogoLogo
3.6.9
3.6.9
  • Introduction
  • Getting started
    • Installation
      • Prerequisites
        • Server requirements
      • On-premises
        • Single-node
          • Directory structure
        • Multi-node
      • Azure Market Place
      • AWS Market Place
    • Tutorials
      • Amazon AWS CUR
      • Amazon AWS CUR (Athena)
      • Azure Stack
      • Azure EA
      • Azure CSP
      • Google Cloud
      • VMware vCloud
      • VMware vCenter
    • How-to guides
      • How to configure receiving a monthly billing report
      • How to automatically trigger a monthly billing report
      • How to update your license
      • How to store contract information with an Account in a report
      • How to automatically send workflow errors as webhooks to a monitoring system
    • Concepts
      • User interface
      • Services
    • Releases
      • Upgrading to version 3
      • Known issues
      • Announcements
      • Archive
  • Reports
    • Accounts
    • Services
    • Instances
    • Summary
    • Budget
  • Services
    • Manage
    • Rates
      • Tiered Services
        • Aggregation Levels and the Account Hierarchy
    • Adjustments
    • Subscriptions
  • ACCOUNTS
    • Budget management
  • Data pipelines
    • Extract
      • Configuration
      • Extractor templates
      • Script basics
      • Parslets
      • Subroutines
        • check_dateformat
        • check_dateargument
        • format_date
        • validate_response
      • Language
        • aws_sign_string
        • basename
        • buffer
        • csv
        • clear
        • decimal_to_ipv4
        • discard
        • encode
        • encrypt
        • environment
        • escape
        • exit_loop
        • foreach
        • generate_jwt
        • get_last_day_of
        • gosub
        • gunzip
        • hash
        • http
        • if
        • ipv4_to_decimal
        • json
        • loglevel
        • loop
        • lowercase
        • match
        • pause
        • print
        • return
        • save
        • set
        • subroutine
        • terminate
        • unzip
        • uppercase
        • uri
        • var
    • Transform
      • Configuration
      • Transformer templates
      • Transform Preview
      • Language
        • aggregate
        • append
        • calculate
        • capitalise
        • convert
        • copy
        • correlate
        • create
        • default
        • delete
        • dequote
        • environment
        • event_to_usage
        • export
        • finish
        • Functions
        • if
        • import
        • include
        • lowercase
        • normalise
        • option
        • rename
        • replace
        • round
        • services
        • set
        • sort
        • split
        • terminate
        • timecolumns
        • timerender
        • timestamp
        • update_service
        • uppercase
        • var
        • where
    • Datasets
    • Lookups
    • Metadata
    • Reports
    • Workflows
  • Administration
    • User management
      • Users
      • Groups
    • Notifications
      • Budget Notifications
      • Report notifications
      • Workflow notifications
    • Settings
      • Global Variables
      • White Labeling
  • Advanced
    • Integrate
      • GUI automation
        • Examples
      • API docs
      • Single sign-on
        • Claims-based identity provisioning: users, Account access and user groups
        • Azure-AD
        • Auth0
        • OKTA
        • OneLogin
        • ADFS
        • LDAP
    • Digging deeper
      • Authentication flows
      • Transformer datadate
      • Dataset lifecycle
      • Config.json
      • Databases
  • Security
    • Security
    • Authentication
      • Token
      • LDAP
      • SAML2
    • Password reset
    • Password policy
    • Announcements
  • Troubleshooting
    • Logs
  • Terms & Conditions
  • Privacy Policy
Powered by GitBook
On this page
  • Setting up LDAP in Exivity
  • Setting up your security certificate

Was this helpful?

Export as PDF
  1. Advanced
  2. Integrate
  3. Single sign-on

LDAP

Quick guide to setup LDAP access protocol in Exivity

PreviousADFSNextDigging deeper

Last updated 3 years ago

Was this helpful?

Setting up LDAP in Exivity

Make sure you have Administrator rights when performing the following steps.

First, go to Administration > Settings > Single sign-on and choose the LDAP tab:

Fill in the required Server and Attributes section parameters, and click on UPDATE.

Server section:

Parameter

Explanation

Domain controllers

The domain controllers option is an array of servers located on your network that serve Active Directory. You can insert as many servers or as little as you'd like depending on your forest (with the minimum of one of course). Separate multiple servers with a single space.

Port

Depending on your chosen encryption use 389 (unencrypted or TLS) or 636 (SSL)

Timeout

The timeout option allows you to configure the amount of time in seconds that your application waits until a response is received from your LDAP server.

Encryption

Choose your desired encryption, SSL and TLS are supported. If you choose encryption make sure you read the section Setting up your security certificate.

Attributes section:

Parameter

Explanation

Base DN

The base distinguished name is the base distinguished name you'd like to perform query operations on. (optional)

Account prefix

The account prefix option is the prefix of your user accounts in LDAP directory. This string is prepended to all authenticating users usernames. (optional)

Account suffix

The account suffix option is the suffix of your user accounts in your LDAP directory. This string is appended to all authenticating users usernames. (optional)

Default user group

When a new user logs in using LDAP, a user will be created in this user group. (recommended)

Finally, go to the System tab, in the Core section, set the Single Sign-On parameter to Local and LDAP Authentication and click on UPDATE.

Now Exivity is configured to login users using LDAP authentication.

Setting up your security certificate

This section only needs to be performed if you have chosen encryption SSL or TLS to authenticate with LDAP. These steps are done in the Exivity server side.

Once you have your pem certificate stored in the server hard drive, take a note of its path, and create a system environmental variable LDAPTLS_CACERT . The value of this environment variable will be the certificate full path.

Finally, restart the Exivity Web Service.

If you don't have a certificate in .pem format you can convert your current certificate with the .

OpenSSL tool
Setting SSO to LDAP
Restarting the Exivity Web Service in Task Manager