Lightweight Directory Access Protocol Server Connection

Lightweight Directory Access Protocol (LDAP) is a protocol for connecting to a directory service and it is used for accessing and maintaining user information. Organizations may have customized user directories which follow LDAP protocol.

This feature supports a customized user directory, allowing you to add users and groups to Leapwork.

Notes:

This feature can be accessed by Leapwork Admin only.
Leapwork users can use only one directory at a time and cannot switch between Active Directory (AD) and LDAP.
Delete AD and LDAP users using Leapwork's User Management tool instead of directly from AD or LDAP.
Leapwork does not support adding both AD and LDAP users or groups.
Switching between AD and LDAP deletes existing users or groups from the previous directory.

Add Connection

To add a connection:

Click the Add button and the following pop-up appears:

https://www.leapwork.com/hs-fs/hubfs/image-png-Mar-07-2023-05-35-31-8145-AM.png?width=532&height=386&name=image-png-Mar-07-2023-05-35-31-8145-AM.png

On the Add Connection pop-up window:

Enter the title in the Title field. It should be unique.
Enter the description in the Description field.
From the Type drop-down, select the Lightweight Directory (LDAP) option:

Select LDAP and the following new fields appear:

Enter the following mandatory attributes to establish a connection with the LDAP server:
- LDAP Server
- Port
- Bind DN or User
- Bind Password

Note: For optimal performance, it is recommended to use port 389. All other attributes are optional.

You can configure these attributes based on their requirements:

Use SSL: Enables SSL/TSL encryption.
- Note 1: Customers must configure LDAP over SSL, including certificate installation. Verify the connection using an appropriate tool.
- Note 2: For optimal performance, use port 636.
Domain: The server address where the directory is hosted.
User: Authorizes the user in the LDAP directory.
Full Name: Displays the names of users authorized in the LDAP directory.
User Unique Identifier: Uniquely identifies the user based on the assigned ID.
MemberOf: Fetches groups of users logging into the platform and authorizes them accordingly.
Group: Authorizes a group in the LDAP directory.
Group Unique Identifier: Uniquely identifies the group based on the assigned ID.
Allowed Groups: Searches for new users added directly as LDAP users.
- Group names should be separated by commas to add multiple groups.
- If a new user is added but is not part of the specified group(s) in the LDAP connection settings, an error message will appear.
- If no groups are specified in Allowed Groups, the entire LDAP directory is considered for user search.
Default User Directory: This checkbox is selected by default.

Click the Save & Continue button to save the details. Once your connection is saved, a success message appears to let you know the connection is successful.

Once the connection is successfully saved, it would be added to the connections list.

Use the Edit or Delete buttons located next to the Add button to modify or remove the connection.

Add an LDAP User

Leapwork integrates with LDAP for centralized user management, allowing administrators to manage accounts and permissions securely and efficiently. Follow these steps to set up and configure an LDAP connection:

Go to User Management in the Settings section.
Click Add AD User to open a new window.

Enter the User or Group Name to authorize the user or group in the LDAP directory.
Select Access from the drop-down menu.
(Optional) Check the Team checkbox based on your requirements.

Note: The Team checkbox is only available for Leapwork Enterprise Edition users.

Click Save to save the User or Group.
To the right of the Add AD User button, use the buttons Edit, Delete and Export to change or remove user profiles or to export them in an Excel format.

Use the Edit, Delete and Export buttons next to the Add User/AD User buttons to modify, remove, or export the connection.