This guide will walk you through the process of setting up an LDAP (Lightweight Directory Access Protocol) connection with Next Plus. LDAP is commonly used for authentication and directory services, allowing you to integrate your existing user directory with Next Plus.
Accessing LDAP Settings
1. Log in to Next Plus as an administrator.
2. Navigate to the Settings or System Settings section.
3. Look for "Authentication" or "LDAP Settings" and click to access the configuration page.
LDAP Configuration Fields
General Settings
1. Enabled: Toggle this switch to enable or disable LDAP authentication.
2. Domain Controllers:
- Enter the IP addresses or hostnames of your LDAP servers.
- You can add multiple domain controllers for redundancy.
- Format: Enter each domain controller separately.
3. Port:
- Enter the port number on which your LDAP server listens.
- Common ports: 389 (unencrypted LDAP or STARTTLS), 636 (LDAPS)
4. Encryption:
- Choose the encryption method for the LDAP connection.
- Options: LDAPS, None
- LDAPS is recommended for security.
5. Allow Self Signed Certificate:
- Enable this if your LDAP server uses a self-signed SSL certificate.
- Note: This is less secure and should only be used in testing environments.
Base Configuration
6. Base DN:
- Enter the base Distinguished Name (DN) for your LDAP directory.
- Format example: "dc=domain,dc=com" or "ou=unit,dc=domain,dc=com"
- This depends on your Active Directory configuration.
7. Default Email Domain:
- Enter the default email domain for your organization.
- Used when an LDAP user doesn't have an email address specified.
- Example: If set to "company.com", a user "john" without an email would get "john@company.com".
Authentication
8. Service Account Username:
- Enter the username of an LDAP account with read permissions for users.
- Format example: "[email protected]"
9. Service Account Password:
- Enter the password for the service account.
Attribute Mapping
10. Attribute Mapping:
- Map Next Plus user fields to corresponding LDAP attributes.
- Common mappings:
  - Username: sAMAccountName
  - Display Name: displayName
  - Email: mail
  - First Name: givenName
  - Last Name: sn
  - Groups: memberOf
Role and Group Mapping
11. Role Mapping:
- Map Next Plus roles to LDAP groups.
- This determines what permissions users get based on their LDAP group memberships.
12. Group Mapping:
- Map Next Plus groups to LDAP groups.
- This allows you to organize users in Next Plus based on their LDAP group memberships.
Additional Settings
14. LDAP Network Timeout:
- Set the number of seconds before a connection attempt to LDAP times out.
- Default is usually 5 seconds.
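Before saving, the security-relevant choices above can be reviewed with a small check like the following. This is an added example, not part of Next Plus or its documentation; the dictionary keys and both sample configurations are constructed for illustration and do not reflect a Next Plus export format.

```python
import re

# One RDN such as "dc=domain" or "ou=unit". Simplified: escaped commas are not handled.
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=]+$")

def audit_ldap_settings(cfg):
    """Return (severity, message) findings for one settings dict (hypothetical keys)."""
    findings = []
    enc, port = cfg.get("encryption"), cfg.get("port")
    if enc == "None":
        findings.append(("high", "Encryption is None: binds are not protected by TLS"))
    elif enc == "LDAPS" and port == 389:
        findings.append(("high", "LDAPS selected but port is 389; LDAPS commonly uses 636"))
    if cfg.get("allow_self_signed"):
        findings.append(("medium", "Self-signed certificates allowed: testing environments only"))
    if len(cfg.get("domain_controllers", [])) < 2:
        findings.append(("low", "Single domain controller: no redundancy"))
    rdns = [part.strip() for part in cfg.get("base_dn", "").split(",")]
    if not all(RDN.match(part) for part in rdns):
        findings.append(("high", "Base DN is not in attr=value,attr=value form"))
    return findings

# Constructed sample settings, not exported from a real installation.
WEAK = {
    "domain_controllers": ["10.0.0.10"],
    "port": 389,
    "encryption": "None",
    "allow_self_signed": True,
    "base_dn": "domain.com",
}
HARDENED = {
    "domain_controllers": ["dc1.domain.com", "dc2.domain.com"],
    "port": 636,
    "encryption": "LDAPS",
    "allow_self_signed": False,
    "base_dn": "ou=unit,dc=domain,dc=com",
}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name)
        for severity, message in audit_ldap_settings(cfg) or [("ok", "no findings")]:
            print(f"  [{severity}] {message}")
```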
Saving and Testing
After configuring the LDAP settings:
1. Click the "Save" button to apply your changes.
2. It's recommended to test the LDAP connection by attempting to log in with an LDAP user account.
3. If you encounter issues, check your server logs and LDAP configuration for any errors.
Remember to ensure that your firewall and network settings allow communication between Next Plus and your LDAP server on the specified port.
For any additional assistance or troubleshooting, please contact your system administrator or Next Plus support.