Configuring LDAP

Many organizations store information about their users and groups in directory services that support the Lightweight Directory Access Protocol (LDAP). The Content Manager provides authentication and authorization services for these users based on their group memberships. To enable these features, you must configure information about the LDAP-accessible server in the Content Manager.

You can use LDAP Authentication with all parts of the SDL Tridion system that require user authentication:

  • Content Manager Explorer
  • WebDAV Connector
  • Business Connector (deprecated)
  • Core Service
  • Content Porter
  • Visio Workflow Designer
  • Compound Template Designer

Note that where one of these parts takes the form of a virtual folder or Web application, its authentication settings must be the same as those of the Web site.

If you configure LDAP integration, you cannot configure single sign-on (SSO) integration with an SSO server such as SiteMinder or TAM, and vice versa.

After configuring the directory service settings, system administrators can import users from the LDAP-accessible server to the Content Manager and create mappings between LDAP groups and groups within the Content Manager. These tasks are described in Users and Groups.

The procedure described in this section is intended for a trained LDAP administrator.