Admin: LDAP
LDAP
LDAP (Lightweight Directory Access Protocol) is supported by many identity management systems such as M$ Active Directory, as well as open source alternatives like Apache Directory.
CSUM requires LDAP configuration to be added, and referred int he Admin: “Space Group Config” page. Once configured Space Admins are empowered to pull in users data from LDAP when they dynamically adding new users into groups, without the System Admin being involved.
Q. Why doesn’t CSUM use the LDAP configuration in Confluence
A. It’s not easily accessible, and would not allow the low level finesse that we like to show in apps.
Example Configuration for Active Directory
Creating from example:
We get a configuration, that is listed as INACTIVE (as it is not yet referred to by the Admin: “Space Group Config” page)
Typical attributes are as follows, the “Test Lookup Username” enables the configuration to self validate for connectivity and lookup:
Testing and debugging with LDAP
We added a handy query utility, that allows an LDAP filter expression to be used to locate users, here ‘sAMAccountName’ represents the username in Active Directory. The users shown in Results can be expanded to show the typical attributes (there is no special decoding of some binary fields, so junk can appear).
Confluence Allowlist
CSUM requires LDAP host urls to be whitelisted, LDAP will not work until this is done, you will see:
Configuration example