Configuring LDAP

Avalanche allows Console users to log in to the Avalanche Console using the same information they use to log in to the network (with an LDAP/Active Directory server). It is disabled by default, but can be enabled through the Avalanche Console. When you select to use Windows Active Directory or an LDAP server, users are authenticated using standard LDAP APIs.

With LDAP login, users with network usernames can log on to the Avalanche Console as normal users. These accounts will not have any permissions assigned to them until an administrator configures permissions for each user. When an LDAP or Active Directory user logs in for the first time, Avalanche creates a user account for them that can then be assigned permissions and added to groups.

If you have configured custom user accounts through the Avalanche Console and then enable the LDAP login feature, those users configured in the Console will not be allowed to access the Console. The only users allowed to access the Console will be those that can be authenticated through LDAP login.

The default amcadmin account will always be able to log in with either authentication method.

To enable LDAP login

1.Click Tools > System Settings.

2.In the Authentication Options section, enable the LDAP option and then type the address of the LDAP server in the text box. This allows Avalanche Console users to log in to the Console using their LDAP credentials.

3.(Optional) To use a secure protocol to connect to the LDAP server, enable the Use LDAPS check box and enter your server address.

4.(Optional) If you are using LDAPS, you can choose to upload a server certificate to verify your LDAP server. The certificate must be in PEM format. This option only appears if you have enabled the Use LDAPS check box.

5.Click Save.

6.Log out of the Console.
Avalanche is now configured to recognize authenticated system users.