LDAP Configuration

The Lightweight Directory Access Protocol (LDAP) allows your organization to connect Avo Assure with your corporate Active Directory (AD) or LDAP server. This enables centralized user authentication that is secure, consistent, and easy to manage.

When Avo Assure is integrated with your organization’s Active Directory (AD) or LDAP server, users can log in using their corporate credentials. This removes the need for separate Avo Assure accounts and makes login easier.

Onboarding and offboarding users in Avo Assure is also easier, because changes made in the directory are applied automatically, so access can be granted or removed promptly.

Key Features and Benefits

Here are the key advantages of using LDAP in Avo Assure:

  • Single Login with Corporate Credentials: Users can log in to Avo Assure using their existing organizational username and password, so they don’t need separate accounts.

  • Centralized User Management: Administrators can manage users, groups, and access permissions directly from the corporate directory, and the changes apply automatically in Avo Assure.

  • Enhanced Security: Passwords are not stored in Avo Assure. Authentication happens directly via the LDAP server, ensuring corporate security policies are enforced.

  • Simplified Onboarding and Offboarding: When a user is added to or removed from the directory, their Avo Assure access is updated automatically, reducing manual work and errors.

  • Audit and Compliance Support: Authentication events are logged through LDAP/Active Directory, helping track access for audits and compliance.

Terminologies

  • LDAP (Lightweight Directory Access Protocol): Standard protocol for accessing and authenticating directory services such as Active Directory or OpenLDAP.

  • AD (Active Directory): The system where your organization stores user accounts, groups, and permissions. Avo Assure uses it to verify user identities.

  • TLS (Transport Layer Security) Certificate: A secure LDAP (LDAPS) connection typically requires an SSL/TLS certificate to encrypt communication. If you want LDAP over TLS, a valid and trusted certificate is mandatory to ensure secure and verified connectivity.

  • DN (Distinguished Name): The full path to an object in the directory. Example: CN=ldap-user,OU=ServiceAccounts,DC=example,DC=com.

  • CN (Common Name): The name of an object (e.g., a user, group, or device).

  • OU (Organizational Unit): A logical container or folder within the directory that groups objects.

  • DC (Domain Component): Part of the domain name. For example, DC=example,DC=com corresponds to example.com.

  • Bind Principal: The service account that Avo Assure uses to connect and query the LDAP directory.

  • Bind Credentials: The password for the Bind Principal account.
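
The DN, CN, OU and DC entries above can be seen working together in the following added example, which is not part of Avo Assure or its documentation. It splits a DN into its components with simplified RFC 4514 escape handling (no multi-valued or quoted components) and checks whether an entry sits under an expected base DN; `BASE_DN`, `TRICKY` and all function names are assumptions made for illustration.

```python
import re

def split_unescaped(text, sep):
    """Split on sep, skipping separators escaped with a backslash."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def unescape(value):
    """Decode \\XX hex pairs and single escaped characters such as \\,"""
    def repl(m):
        tok = m.group(1)
        return chr(int(tok, 16)) if len(tok) == 2 else tok
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def parse_dn(dn):
    """Return [(attribute, value), ...], most specific component first."""
    pairs = []
    for rdn in split_unescaped(dn, ","):
        attr, sep, value = rdn.lstrip().partition("=")
        if not sep or not attr.strip() or not value:
            raise ValueError(f"malformed DN component: {rdn!r}")
        pairs.append((attr.strip().upper(), unescape(value)))
    return pairs

def domain_of(dn):
    """Join the DC components into a DNS-style domain name."""
    return ".".join(v for a, v in parse_dn(dn) if a == "DC")

def is_under(dn, base_dn):
    """True if dn is at or below base_dn, compared component by component."""
    norm = lambda d: [(a, v.lower()) for a, v in parse_dn(d)]
    entry, base = norm(dn), norm(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

BIND_DN = "CN=ldap-user,OU=ServiceAccounts,DC=example,DC=com"  # example DN from this page
BASE_DN = "OU=ServiceAccounts,DC=example,DC=com"               # assumed base for the check
TRICKY = r"CN=x\,OU=ServiceAccounts,DC=example,DC=com"         # constructed: escaped comma in CN

if __name__ == "__main__":
    print(parse_dn(BIND_DN), domain_of(BIND_DN))
    print(is_under(BIND_DN, BASE_DN), is_under(TRICKY, BASE_DN), TRICKY.endswith(BASE_DN))
```

The constructed `TRICKY` value passes a plain string suffix check against `BASE_DN` but is not under that OU once parsed, which is why DN comparisons should be made per component.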

This Document Includes:

Prerequisites

Prerequisites for configuring LDAP in Avo Assure.

Creating LDAP Configuration in Avo Assure

Description of LDAP configuration fields and steps to perform LDAP Configuration.
