Create Identity Provider with Active Directory

Active Directory provides users with authenticated access to apps that are deployed in ASG-Zenith Portal (On-Premises).

Perform the following steps:

  1. Log in to ASG-Zenith Portal (On-Premises) as Organization Administrator.
  2. Navigate to Identity Providers and click Add. If you are creating your first Identity Provider, click Create Now.
  3. Select Active Directory as Type.
  4. Specify the following details:
    • Name: Enter a name for the identity provider. The name is used to distinguish the identity provider's connections in ASG-Zenith Portal (On-Premises).
    • Identifier: Enter a unique identifier for the identity provider connection. This helps to authorize users with the appropriate role when the same user name is found in more than one directory.
    • Is Active: Specifies whether the LDAP connection is currently active or not. Set to Yes to confirm that the connection is active.
    • Domain: Enter the domain controller where the user directory is available.
    • LDAP Host: Enter the name of the server where LDAP is hosted.
    • Port: Enter the port number on which the LDAP server listens.
    • Search Base: Enter the LDAP search base string of the Active Directory.
    • User Directory: Specifies the place where the information about users and groups is stored. Click Add and enter the Key-Value pairs of the user directories. The order of the directories you add is the order in which they will be searched for users and groups.
    • Username Key: Specifies the attribute field to use when loading the user name. Based on the setting configured on your LDAP server, use the related attribute to uniquely identify the users. For example, your LDAP server can use CN, mail, uid, or userPrincipalName to identify the users. You must, therefore, enter the relevant value in this field. For example, CN.
    • Auth Required: Specifies whether authentication is required or not. Select True to verify the authentication of the user before accessing LDAP.
    • Admin User: This field is required only if Auth Required is set to True. Enter the user name of the LDAP administrator.
    • Admin Password: This field is required only if Auth Required is set to True. Enter the password of the LDAP admin user.
    • Test User: Click to test whether the user credentials are valid and LDAP is accessible.
    • Return Attributes: Specifies the attributes of the user to fetch from Active Directory. Click Choose and select the attributes that you want to fetch.
  5. Click Save.

The Identity Provider with an active directory connection is successfully created.
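
How an LDAP client typically combines the Search Base, User Directory order and Username Key into search requests, shown as an added example (this is not ASG-Zenith Portal code). It assumes each User Directory entry is a (key, base DN) pair and that the Search Base is used when no directory is listed; all names and DNs are constructed sample values.

```python
import re

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
# Attribute descriptor syntax (RFC 4512): a letter, then letters, digits or hyphens.
_ATTR = re.compile(r"[A-Za-z][A-Za-z0-9-]*")


def escape_filter_value(value):
    """Escape a login name so it is matched literally, never as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_searches(login, username_key, search_base, user_directories=()):
    """Return [(base_dn, filter)] in the order the directories would be searched.

    Assumption: each User Directory entry is a (key, base_dn) pair and the
    Search Base is used when no directory is listed.
    """
    if not _ATTR.fullmatch(username_key):
        raise ValueError("Username Key must be a plain attribute name")
    if not login.strip():
        raise ValueError("login name is empty")
    flt = "({}={})".format(username_key, escape_filter_value(login))
    bases = [dn for _key, dn in user_directories] or [search_base]
    return [(base, flt) for base in bases]


if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    dirs = [("staff", "OU=Staff,DC=example,DC=com"),
            ("contractors", "OU=Contractors,DC=example,DC=com")]
    # Names with parentheses or asterisks are legal CN values and need escaping.
    for login in ("jsmith", "Smith (Contractor)", "O*Brien"):
        for base, flt in build_searches(login, "CN", "DC=example,DC=com", dirs):
            print(base, flt)
```

If the Username Key is changed to an attribute such as userPrincipalName, only the attribute name in the filter changes; the escaping and directory order stay the same.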