LDAP Authentication for Access Server VPN Users

Abstract

Access Server supports Lightweight Directory Access Protocol (LDAP) as an authentication method.

You can configure it directly in the Admin Web UI. Sign in to your Admin Web UI and click Authentication > Settings. Alternatively, you can configure this from the command line by changing the configuration key, auth.module.type.

Notice

Access Server 2.10 and newer support multiple authentication systems for your users. For instance, you can set up your end users with LDAP authentication integrated with Active Directory and create your VPN administrator accounts with local authentication. For more information, refer to Authentication System.

Connect your LDAP server and automate user management

Lightweight directory access protocol (LDAP) is a protocol used for directory service authentication. You can use LDAP to integrate Access Server with directory services, such as Active Directory, JumpCloud, and Okta.

LDAP requires configuration in the Admin Web UI before it can be used to authenticate users. These settings include the server to contact, any required bind user credentials to access the authentication backend, and the search query and user ID attribute to use for searching.

Once configured, Access Server checks the LDAP server to validate credentials when a user connects to the VPN.

Caution

Access Server can't make password changes for users in LDAP.

LDAP tutorials

In this section: