Implement LDAP Authentication

Lightweight Directory Access Protocol (LDAP) is an open standard Internet protocol running over TCP/IP that is designed to maintain and work with large user directory services. It provides a standard way for applications to request and manage user and group directory information. LDAP performs simple Select operations against large directories, in which the goal is to retrieve a collection of attributes with simple qualifications, for example, Select all the employees' phone numbers in the support division.

An LDAP authentication system consists of two components: an LDAP server and an LDAP directory. An LDAP server is a program that implements the LDAP protocol and controls access to an LDAP directory of user and group accounts. An LDAP directory is the storage location and structure of user and group accounts on an LDAP server. Before information from an LDAP directory can be searched and retrieved, a connection to the LDAP server must be established.

If you use an LDAP directory to centrally manage users in your environment, you can implement LDAP authentication in MicroStrategy. Group membership can be maintained in the LDAP directory without having to also be defined in Intelligence Server. LDAP authentication identifies users in an LDAP directory which MicroStrategy can connect to through an LDAP server. Supported LDAP servers include Novell Directory Services, Microsoft Directory Services, OpenLDAP for Linux, and Sun ONE 5.1/iPlanet. For the latest set of certified and supported LDAP servers, refer to the Readme.

The high-level steps to implement LDAP authentication are as follows:

1. Review the LDAP information flow, described in LDAP Information Flow.
2. Depending on your requirements, collect information and make decisions regarding the information in Checklist: Information Required for Connecting Your LDAP Server to MicroStrategy.
3. Run the LDAP Connectivity Wizard to connect your LDAP server to MicroStrategy, as described in Setting up LDAP Authentication in MicroStrategy Web, Library, and Mobile.
4. To make changes in your LDAP configuration, use the procedures described in Manage LDAP Authentication.

You can also set up MicroStrategy Office to use LDAP authentication. For information, see the MicroStrategy for Office Help.