Configuring LDAP authentication - 7.3

Talend Data Catalog Administration Guide
Version
7.3
Language
English
Product
Talend Big Data Platform
Talend Data Fabric
Talend Data Management Platform
Talend Data Services Platform
Talend MDM Platform
Talend Real-Time Big Data Platform
Module
Talend Data Catalog
Content
Administration and Monitoring
Data Governance
Last publication date
2022-06-13
An LDAP user is automatically created/updated as a result of a successful LDAP authentication login. The user/password combination must be valid for the LDAP authentication connection definitions and query rules.

Before you begin

  • You have signed in as a user assigned to the Administrators or Security Administrators group.

  • You have already created a user.

Procedure

  1. Go to MANAGE > Users.
  2. In the Authentication field of the toolbar, select LDAP from the drop-down list.
  3. Click the Configure authentication icon next to the drop-down list.
  4. In the Connection tab, select the type of LDAP system.
    If you select Custom, specify more information in the Attribute Mappings tab.
  5. Fill in the connection information such as the URL, username and matching password.
    You must have sufficient privileges to query the needed LDAP users and groups.
  6. In the Attribute Mappings tab, enter the LDAP user attributes.
  7. Go to the Group Assignment tab to assign automatically groups based on the LDAP security model.
    • Click Add then enter a name for the query and define the group to be associated with the users in the query.
    • To assign groups by group name, click the Browse icon in the Group entry, enter a group name in the LDAP system and select the Distinguished Name for that group.
    • To specify a search filter and include individual users, specify a search root such as CN=company,CN=Users,DC=company,DC=local, then click the Browse icon in the search filter entry and select users in that filter.
    • To specify a search filter and exclude individual users, specify a search root such as CN=company,CN=Users,DC=company,DC=local, then use the following syntax (&(!(sAMAccountName=username1))(!(sAMAccountName=username))) and click OK.

    When creating the first LDAP query for group assignment, you switch from native and manually managed group assignment to LDAP driven and automatic group assignment for all LDAP users. Any LDAP user will lose any previous native group assignment at the next login.

    When deleting the last LDAP query for group assignment, you switch from LDAP driven group assignment to native group assignment. Any LDAP user will be associated with the Guest group, until the users are manually assigned to other groups.

  8. Click Test and save your changes.