Authentication Resources
The following table provides a list of resources required for LDAP configuration.
Field | Example Value | Where to find this information |
---|---|---|
Network | peered-dhs-network | The name of the pre-configured network to use. The network can be peered or public. Important: MarkLogic does not recommend using a public network for your LDAP service configuration. |
Region | us-west-2 | The region where your pre-configured network is located. See Supported Regions - AWS. |
Name | N/A | Name for this LDAP configuration. |
Security Admin DN | CN=AWS Delegated Administrator,OU=AWS Delegated Groups,DC=ldap,DC=mlaas,DC=marklogic,DC=com | The Distinguished Name for the Service Security Admin role. For details about the role, see Portal Security Roles for AWS and Instance Security Roles. Note: A Distinguished Name (DN) is a sequence of Relative Distinguished Names (RDNs), which are attributes with associated values expressed by the form attribute=value. Each RDN attribute is separated by a comma in a DN. |
DNS Address | 10.0.32.193,10.0.65.140 | The comma-separated list of the IP addresses of your LDAP servers. |
Server URI | ldaps://ldap.mlaas.marklogic.com | The URI of the LDAP server. |
Base | DC=ldap,DC=mlaas,DC=marklogic,DC=com | The starting point for search. |
Default User | CN=Admin,OU=Users,OU=ldap,DC=ldap,DC=mlaas,DC=marklogic,DC=com | The LDAP default user to be used by MarkLogic. If you specify bind method as Simple, this must be a Distinguished Name (DN). |
Password / Re-Enter Password | N/A | The password for the LDAP default user account. |
Bind Method | Simple | Default is Simple. The LDAP default user must be a Distinguished Name (DN). |
LDAP attribute | sAMAccountName | The LDAP attribute for user lookup. |
Memberof attribute | memberOf | The LDAP attribute for group lookup. Used to search for the groups of a user. |
Member attribute | member | The LDAP attribute for group lookup. Used to search for the group of a group. |
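
A pre-flight check of these values before they are entered, as an added example (not MarkLogic code): it parses the DN fields into RDNs as the note describes, requires a DN for the default user when the bind method is Simple, and validates the DNS addresses and server URI. The dictionary keys reuse the table's field names and are hypothetical; the private-address test is a heuristic for the recommendation against public networks, and the `ldaps` check reflects that a simple bind sends the password in clear text unless the connection is protected by TLS.

```python
import ipaddress
from urllib.parse import urlparse

def parse_dn(dn):
    """Split a DN into (attribute, value) RDNs; multi-valued RDNs ('+') are not split."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1  # keep "\," pairs intact
        if step == 1 and dn[i] == ",":  # an unescaped comma ends the RDN
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    parts.append(cur)
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"not an attribute=value RDN: {part.strip()!r}")
        rdns.append((attr.strip(), value.strip()))
    return rdns

def check_ldap_config(cfg):
    """Return findings for a dict keyed by the table's field names (hypothetical keys)."""
    findings = []
    dn_fields = ["Security Admin DN", "Base"]
    if cfg.get("Bind Method", "Simple") == "Simple":
        dn_fields.append("Default User")  # must be a DN when the bind method is Simple
    for field in dn_fields:
        try:
            parse_dn(cfg.get(field, ""))
        except ValueError as exc:
            findings.append(f"{field}: {exc}")
    for addr in map(str.strip, cfg.get("DNS Address", "").split(",")):
        try:
            if not ipaddress.ip_address(addr).is_private:  # heuristic for a public network
                findings.append(f"DNS Address: {addr} is not a private address")
        except ValueError:
            findings.append(f"DNS Address: {addr!r} is not an IP address")
    if urlparse(cfg.get("Server URI", "")).scheme != "ldaps":
        findings.append("Server URI: not ldaps; a Simple bind password needs TLS protection")
    return findings

SAMPLE = {  # constructed from the example values in the table above
    "Security Admin DN": "CN=AWS Delegated Administrator,OU=AWS Delegated Groups,DC=ldap,DC=mlaas,DC=marklogic,DC=com",
    "Base": "DC=ldap,DC=mlaas,DC=marklogic,DC=com", "Bind Method": "Simple",
    "Default User": "CN=Admin,OU=Users,OU=ldap,DC=ldap,DC=mlaas,DC=marklogic,DC=com",
    "DNS Address": "10.0.32.193,10.0.65.140", "Server URI": "ldaps://ldap.mlaas.marklogic.com",
}
```

`check_ldap_config(SAMPLE)` returns an empty list; each finding names the field that needs attention.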