Configure LDAP to manage user roles

You can use Active Directory and LDAP authentication with the Conductor to streamline user account management. When LDAP is configured, users can choose to log in with an LDAP account on the Conductor login page. See Configure LDAP authentication on Conductor and Airwall Edge Services.

  1. Log in to the Conductor with a System Administrator account and go to Settings > Authentication > External authentication providers.
  2. Next to LDAP, and click Next.
  3. Enter the LDAP host settings (see LDAP host settings), and click Test Connection to confirm that your LDAP host settings are valid, then click Next.
  4. Enter the LDAP search settings (see LDAP search settings) and click Test LDAP search to confirm that your LDAP search is valid. Once the test confirms a valid LDAP search, click Next.
  5. Determine whether you want to use LDAP groups to manage Conductor user roles:
    • To use LDAP groups: Enter the LDAP group settings (see LDAP group settings), and click Test to verify the group settings. Once the test confirms your group settings, click Finish.
    • No LDAP groups: If you do not want to use LDAP groups, simply click Finish.
Your LDAP configuration is now complete, and can be managed as needed in Settings > Authentication.
Note: LDAPS (LDAP over TLS) communication occurs over TCP port 636. LDAPS communication to a global catalog server occurs over TCP port 3269. When connecting to port 636 or 3269, SSL/TLS is negotiated before any LDAP traffic is exchanged.
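
The note above states that TLS is negotiated before any LDAP traffic on ports 636 and 3269. As an added example (not Conductor or Airwall code), the following Python check tests that property against the first client payload of a captured flow; the function names and the sample byte strings are constructed for illustration.

```python
# Added example: does the first client payload on an LDAPS port start TLS?
LDAPS_PORTS = {636, 3269}  # LDAPS and global catalog LDAPS, per the note

# Constructed sample payloads (not captured from a real system).
TLS_HELLO = bytes.fromhex("160301002f0100002b0303")  # start of a ClientHello
SIMPLE_BIND = bytes.fromhex("300c020101600702010304008000")  # anonymous bind
STARTTLS_REQ = bytes.fromhex("301d02010177188016") + b"1.3.6.1.4.1.1466.20037"

def ber_length(buf, pos):
    """Decode the BER length at buf[pos]; return (length, next_pos)."""
    first = buf[pos]
    if first < 0x80:                       # short form
        return first, pos + 1
    n = first & 0x7F                       # long form: n length octets follow
    if n == 0 or pos + 1 + n > len(buf):
        raise ValueError("indefinite or truncated BER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n

def classify_first_payload(data):
    """Return 'tls', 'ldap-bind', 'ldap-other' or 'unknown'."""
    # TLS record: type 0x16 (handshake), major version 0x03, and the
    # handshake message type 0x01 (ClientHello) at offset 5.
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls"
    # LDAPMessage: SEQUENCE (0x30), length, INTEGER messageID, protocolOp tag.
    try:
        if len(data) < 2 or data[0] != 0x30:
            return "unknown"
        _, pos = ber_length(data, 1)
        if data[pos] != 0x02:
            return "unknown"
        id_len, pos = ber_length(data, pos + 1)
        op_tag = data[pos + id_len]
    except (IndexError, ValueError):
        return "unknown"
    # 0x60 is [APPLICATION 0] BindRequest; StartTLS arrives as 0x77 instead.
    return "ldap-bind" if op_tag == 0x60 else "ldap-other"

def check_flow(dst_port, first_payload):
    """Flag flows that break the TLS-first rule or bind without TLS."""
    kind = classify_first_payload(first_payload)
    if dst_port in LDAPS_PORTS:
        return "ok" if kind == "tls" else "violation: no TLS handshake on LDAPS port"
    if kind == "ldap-bind":
        return "warning: LDAP bind sent without TLS"
    return "ok"
```

A bind flagged on a non-LDAPS port means the client skipped StartTLS, so a simple bind on that flow carries its password unencrypted.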