Configuring LDAP authentication - Cloud

Talend Cloud Data Catalog Administration Guide

An LDAP user is automatically created as a result of a successful LDAP authentication login. The user/password combination must be valid for the LDAP authentication connection definitions and query rules.

Before you begin

  • You have been assigned a global role with the Security Administration capability.
  • You have already created a user.

Procedure

  1. Go to MANAGE > Users.
  2. In the Authentication field of the toolbar, select LDAP from the drop-down list.
  3. Click the Configure authentication icon next to the drop-down list.
  4. In the Connection tab, select the type of LDAP system.
    If you select Custom, specify more information in the Attribute Mappings tab.
  5. Fill in the connection information such as the URL or domain name, username, matching password and the session timeout.
    You must have sufficient privileges to query the needed LDAP users and groups.
  6. In the Attribute Mappings tab, enter the mapping information for the LDAP user attributes.
  7. Go to the Group Assignment tab to automatically assign groups based on the LDAP security model.
    • Click Add, then enter a name for the query and define the group to be associated with the users in the query.
    • To assign groups by group name, click the Browse icon in the Group entry, enter a group name in the LDAP system and select the Distinguished Name for that group.
    • To specify a search filter and include individual users, specify a search root such as CN=company,CN=Users,DC=company,DC=local, then click the Browse icon in the search filter entry and select users in that filter.
    • To specify a search filter and exclude individual users, specify a search root such as CN=company,CN=Users,DC=company,DC=local, then use the following syntax: (&(!(sAMAccountName=username1))(!(sAMAccountName=username))) and click OK.

    When you create the first LDAP query for group assignment, you switch from native, manually managed group assignment to LDAP-driven, automatic group assignment for all LDAP users. Any LDAP user will lose any previous native group assignment at the next login.

    When you delete the last LDAP query for group assignment, you switch from LDAP-driven group assignment to native group assignment. Any LDAP user will be associated with the Guest group until the users are manually assigned to other groups.

  8. Click Test and save your changes.
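
An added example, not part of the Talend documentation: a Python sketch that builds the exclusion filter from step 7 with RFC 4515 escaping of the account names and previews, against constructed sample entries, which accounts the query would select for the group. The helper names and sample entries are assumptions; the preview assumes case-insensitive sAMAccountName matching and uses a simplified suffix check for the search root.

```python
# Added example; helper names and sample entries are assumptions, not Talend code.
SEARCH_ROOT = "CN=company,CN=Users,DC=company,DC=local"  # search root from step 7

# Constructed sample entries (not real directory data).
SAMPLE_ENTRIES = [
    {"dn": "CN=Alice,CN=company,CN=Users,DC=company,DC=local", "sAMAccountName": "alice"},
    {"dn": "CN=Bob,CN=company,CN=Users,DC=company,DC=local", "sAMAccountName": "Bob"},
    {"dn": "CN=Backup,CN=company,CN=Users,DC=company,DC=local", "sAMAccountName": "svc(backup)"},
    {"dn": "CN=Carol,CN=Users,DC=company,DC=local", "sAMAccountName": "carol"},
]

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_exclusion_filter(excluded, attribute="sAMAccountName"):
    """Return (&(!(attr=a))(!(attr=b))...) for the account names to exclude."""
    if not excluded:
        raise ValueError("list at least one account name to exclude")
    clauses = "".join(
        "(!(%s=%s))" % (attribute, escape_filter_value(name)) for name in excluded
    )
    return "(&" + clauses + ")"

def preview(entries, search_root, excluded):
    """List the accounts the query selects: under the root and not excluded."""
    root = search_root.lower()
    skip = {name.lower() for name in excluded}  # assumed case-insensitive match
    selected = []
    for entry in entries:
        dn = entry["dn"].lower()
        in_scope = dn == root or dn.endswith("," + root)  # simplified DN check
        if in_scope and entry["sAMAccountName"].lower() not in skip:
            selected.append(entry["sAMAccountName"])
    return selected

if __name__ == "__main__":
    excluded = ["bob", "svc(backup)"]
    print(build_exclusion_filter(excluded))
    print(preview(SAMPLE_ENTRIES, SEARCH_ROOT, excluded))
```

Every account under the search root that is not listed is selected, so review the preview list before saving the query.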