Editing LDAP Servers

To edit an LDAP server profile:

  1. In the menu, click Administration > System Settings.
  2. Click the LDAP Servers tab.
  3. Click the name of the LDAP server profile you want to edit. The Edit LDAP Server dialog box appears.
  4. Type a Name for the server and optionally a Description. You can define any name for the LDAP server; this field has no impact on the actual LDAP settings.
  5. Check the Active check box to activate the server for use with Silk Central. If unchecked, the LDAP server's services are not available to Silk Central.
  6. Type the Hostname or IP-address of the LDAP server and the Port used for the LDAP service. The default port is 389. When using SSL, the default LDAP port is 636.
  7. Check the Use SSL check box to connect to the server through SSL. This check box is closely related to the settings defined in the Port field. For additional information on setting up the communication with SSL, see Communicating with an External System Over SSL.
  8. Optional: Specify a Domain if your users should log in to Silk Central with the pattern <domain>\<username>. Leave this field empty if your users should log in to Silk Central without entering a domain name. If your Silk Central installation consists of multiple clients, make sure that the specified LDAP domain name does not conflict with any of your client names, as the login pattern <domain>\<username> is also used for logging in to specific clients.
  9. Optional: In the Bind DN field, type the domain name of the user who is to be used to bind to the LDAP service. This user must have read rights on the directory from the given Base DN root. If this field is left empty, anonymous access will be used, except for LDAP servers that do not support anonymous access.
  10. Type the Password of the user defined by Bind DN. This is not required when anonymous access is allowed.
  11. Type the Base DN root for LDAP queries, for example DC=yourcompany,DC=com.
  12. Optional: Type the User Filter that is to be used for querying LDAP.

    Example: (memberOf=CN=Development,CN=Users,DC=yourcompany,DC=com)

    This example queries the LDAP server for the logged-in Silk Central user, but only if the user is a member of the Development team. This is useful, for example, if you enable automatic account creation but want Silk Central to create accounts only for members of a certain LDAP group.

  13. Optional: To filter your LDAP query by specific groups for the Import LDAP Group functionality, specify a Group Filter. The syntax is identical to the syntax used for the User Filter field.
  14. Click Configure LDAP Properties to map your LDAP attributes to Silk Central's user and group settings. This is essential if you plan to import users from your LDAP server into Silk Central.
  15. Optional: You can let Silk Central automatically create a Silk Central user account when a user logs in to Silk Central for the first time. If the user account with the entered login name does not exist in Silk Central, the entered credentials are authenticated against the LDAP server. If this succeeds, a new account with the supplied login name and password is created in Silk Central. Newly created accounts initially copy the general settings, including the dashboard settings, from the selected Silk Central user, which acts as a template. First name, last name and email address are queried from the LDAP values. To do this, click Configure next to User account creation. On the User Account Creation dialog box, select a Silk Central user from the list. Depending on your LDAP configuration, you may need to adapt the LDAP values for first name, last name and email address.
  16. Click Test to perform a test connection to the LDAP server. For more information, see Testing LDAP Servers.
  17. Click OK to save your settings.
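
The following pre-save check is an added example, not part of the Silk Central documentation or product. It reviews the values described in the steps above for port and SSL mismatches, anonymous binding, malformed filters, and account creation without a User Filter. The dictionary keys, finding codes, and sample values are assumptions made for illustration.

```python
import re

# Simplified DN shape check (ignores escaped commas); enough for DC=/OU=/CN= chains.
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,=]+(,[A-Za-z][\w-]*=[^,=]+)*$")

def filter_ok(flt):
    """True if flt is one parenthesised expression with balanced parentheses.
    Closing before the last character means two filters side by side."""
    depth = 0
    for i, ch in enumerate(flt):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0 or (depth == 0 and i != len(flt) - 1):
                return False
        elif depth == 0:
            return False  # text outside the outer parentheses
    return depth == 0 and bool(flt)

def lint_profile(p):
    """Return (code, message) findings for a dict of dialog values (hypothetical keys)."""
    out = []
    if p["use_ssl"] and p["port"] == 389:
        out.append(("ssl-port", "Use SSL is checked but Port is 389, the non-SSL default"))
    if not p["use_ssl"]:
        if p["port"] == 636:
            out.append(("ssl-port", "Port is 636 but Use SSL is unchecked"))
        out.append(("cleartext", "without SSL a simple bind sends passwords unencrypted"))
    if not p.get("bind_dn"):
        out.append(("anonymous", "empty Bind DN: anonymous access will be used"))
    elif not p.get("password"):
        out.append(("no-password", "Bind DN is set but Password is empty"))
    if not DN_RE.match(p.get("base_dn", "")):
        out.append(("base-dn", "Base DN is not a comma-separated list of attr=value"))
    for key in ("user_filter", "group_filter"):
        if p.get(key) and not filter_ok(p[key]):
            out.append((key, "filter is not a single balanced (...) expression"))
    if p.get("auto_create") and not p.get("user_filter"):
        out.append(("open-auto-create", "account creation on with no User Filter"))
    return out

# Constructed sample values, not taken from a real installation.
SAMPLE = {"port": 389, "use_ssl": False, "bind_dn": "", "base_dn": "DC=yourcompany,DC=com",
          "user_filter": "(memberOf=CN=Development,CN=Users,DC=yourcompany,DC=com",
          "auto_create": True}

if __name__ == "__main__":
    for code, msg in lint_profile(SAMPLE):
        print(f"{code}: {msg}")
```

The sample profile is missing the closing parenthesis on its User Filter, so the check reports it together with the unencrypted connection and the anonymous bind.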