About LDAP
This topic explains what Lightweight Directory Access Protocol (LDAP) is and how it's used in TheHive.
What's LDAP
Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information services over a network. It's commonly used for centralized authentication and user management.
Active Directory (AD) is Microsoft’s implementation of directory services. It uses LDAP as one of its core protocols, providing a comprehensive solution for identity and access management in Windows environments.
Benefits of using an LDAP server
Using an LDAP server:
- Enables centralized and scalable user authentication and authorization
- Simplifies user management by syncing accounts and permissions from a single source
- Supports integration with existing directory services like Microsoft Active Directory (AD)
LDAP server usage in TheHive
Configure an LDAP server in TheHive to enable:
- Automatic user account creation, deletion, and updates synchronized from LDAP
- Assignment of user accounts to organizations and permission profiles
Configure an LDAP authentication provider or an AD authentication provider to authenticate users with their LDAP credentials.
Permissions
Required permissions
Only users with an admin-type profile that has the managePlatform permission can configure an LDAP server in TheHive.