The current version of Citadel includes a module which accesses an external LDAP server and uses it for authentication, allowing Citadel to be used in environments that already employ LDAP for “single sign on.”
We support the standard POSIX schema (RFC 2307). We also support the most commonly deployed non-standard schema, Microsoft Active Directory.
You will need to know the following:
- The host name or IP address of your LDAP server
- The port number on which LDAP is running (almost always 389)
- The “Base DN” for authentication (this is the DN of the portion of your directory where the user accounts are stored)
- The “Bind DN” (an account name on your server which Citadel will use to log in to LDAP to perform queries)
- The password for your Bind DN
Configure LDAP authentication by running Citadel setup and following the prompts.
Configuring the System Administrator (aide) for Citadel through setup has some caveats! The name to enter depends on what your directory server contains:
- If the Full Name of the user is set to Edward Xavier Ample, use that Full Name as the System Administrator name.
- If First Name is Edward and Last Name is Ample, use both, as in “Edward Ample”.
- If and only if you did not set the above fields for any reason, then and only then use the User Logon Name, such as “example”, for the System Administrator name!
Again, if you only use the “User Logon Name” or “Login” while you have a complete name entered in other fields, your account will be able to log in, but you will not be an aide and you will not see the Administration menu.
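The precedence above can be checked against the directory before running setup. The following is an added example, not Citadel code: it reads entries exported as LDIF and reports which name the rule selects. The mapping of Full Name, First Name, Last Name and User Logon Name to the `displayName`, `givenName`, `sn` and `sAMAccountName`/`uid` attributes is an assumption, and the sample entries are constructed.

```python
import base64

# Constructed sample entries in LDIF form (not from a real directory).
SAMPLE_LDIF = """\
dn: CN=Edward Xavier Ample,OU=Staff,DC=example,DC=com
displayName: Edward Xavier Ample
givenName: Edward
sn: Ample
sAMAccountName: example

dn: CN=Edward Ample,OU=Staff,DC=example,DC=com
givenName: Edward
sn: Ample

dn: uid=example,ou=people,dc=example,dc=com
uid: example
"""

def parse_ldif(text):
    """Return one {attribute: first value} dict per entry, unfolding continued lines."""
    entries, current = [], {}
    lines = text.replace("\r\n", "\n").replace("\n ", "").split("\n")
    for line in lines + [""]:
        if not line.strip():              # blank line ends an entry
            if current:
                entries.append(current)
            current = {}
            continue
        name, sep, value = line.partition(":")
        if line.startswith("#") or not sep:
            continue
        if value.startswith(":"):         # "attr:: <base64>" holds non-ASCII text
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        current.setdefault(name.lower(), value.strip())
    return entries

def admin_name(entry):
    """Apply the page's precedence; the attribute mapping is an assumption."""
    full, first, last = (entry.get(k, "") for k in ("displayname", "givenname", "sn"))
    if full:
        return full, "Full Name"
    if first and last:
        return f"{first} {last}", "First Name + Last Name"
    if first or last:                     # case the page does not cover
        return None, "only one name field set"
    return entry.get("samaccountname") or entry.get("uid", ""), "User Logon Name"

if __name__ == "__main__":
    for e in parse_ldif(SAMPLE_LDIF):
        print(e["dn"], "->", admin_name(e))
```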
We also have instructions for configuring Active Directory with Citadel in greater detail.