YArooms can integrate with your LDAP or Active Directory domain server.
By using this integration, the users in your domain will be able to login to YArooms with their network credentials, instead of an administrator having to create accounts for everyone. A user will be created the first time someone authenticates via LDAP.
To activate the integration you need to navigate to the "Integrations" page from the "Manage" menu, then click on the "Open LDAP and Microsoft Active Directory" section to see the integration status.
If the integration is not active, once you click on "Activate" the following screen will appear where you define your LDAP server details.
The parameters are explained below:
- LDAP Domain - your domain, usually the one that is also used for email; for example, YArooms's domain is yarooms.com
- Short domain name - usually it is the domain name without the suffix in uppercase
- Server IP - the publicly accessible IP address of your LDAP server; YArooms needs to connect to your server from the public Internet, so you need to ensure the IP you provide here is not a local address, like 192.168.x.x, or 10.0.x.x
- Users DN - the internal LDAP Distinguished Name for the container that holds your user records
- Conn encryption - the type of encryption your LDAP server requires to connect to
- DN auth - some LDAP setup require authentication with the full Distinguished Name; if this is the case, choose yes
- Username - a valid account name
- Password - a valid account password
The username and password you enter will not be stored by YArooms, they are only used to check if authentication can be achieved with the rest of the provided settings. Each user will enter their own credentials after the integration is active and each time YArooms will check them against your LDAP server.
To test the entered settings click on the "Test connection" button and if it is successfull you will have to only define a few more settings. These regard the first login of an LDAP user when a YArooms account will have to be created and are very similar to the settings in the Manage Users section
When LDAP is activated, group mapping is now possible. LDAP group names can be assigned to YArooms groups, so when a LDAP user account is created in YArooms it will automatically belong to the group that corresponds with the LDAP one.