...
Create Authentication Policy
Name the authentication policy and select Authentication Method LDAP + Database with Roles
Select Linked authentication Database created previously for Yarngate
Configure LDAP authentication
The LDAP server address should be in the format LDAPS://<FQDN>:<port> - Note that LDAP:// can be used but passwords will not be encrytped encrypted in transit
Verify TLS/SSL certificates can be enabled - Note that the LDAPS server certificate or trusted root CA certificate must be uploaded via the administration app
LDAP username match regex can be used to match username formats - This is a generic username match regex that can be adjusted as needed(^[A-Za-z0-9]+(?:[ _-][A-Za-z0-9]+)*$)
LDAP replace regex allows to adding prefixes/suffices to suite the authentication requirements such as adding a domain suffix
Save the authentication policy - Note that new tabs will now become visablevisible
Configure LDAP authorisation and roles
The LDAP interface field is optional - this can be used if an out of band check using another LDAP user is required for LDAP user group search on LDAP, . If this option is not selected, the LDAP groups are retreived using the authenticated LDAP user
Base DN - provide the base DN for LDAP searches
Username Match Field - this is the LDAP username field used typically sAMAccountName
LDAP group to role mapping - this provide a mapping from LDAP groups to the Autentication Database roles defined previously. The LDAP groups can be entered in as global group name of LDAP distingushed name
...