Configuring user search for LDAP

This section describes how to set up user search for LDAP.

Configuring user search filter

To configure the user search filter for LDAP, you must configure the User Search Filter and Group Search Base properties on the Active Directory Security Settings page. Go to Configuring Security Settings (AD/LDAP) for details about the security settings for LDAP and Active Directory.

Steps

1. Sign in to Collibra Data Quality & Observability and click in the left navigation pane.

2. Select Admin Console.
3. From User Management in the left navigation panel, select AD Security.
4. Select the Connections tab.
5. From the Connection Type dropdown menu, select LDAP.
6. In the User Search Filter input field, enter the username that was used at login.
   This will query the LDAP provider.

   Note  The filter should include an objectClass and an additional attribute to search for. It should also include a search term, such as uid={0}. Go to Configuring Security Settings (AD/LDAP).

7. In the Group Search Base field, enter the base path plus the OU where the groups are located.

   Note  This value is used after the user is found to exist in the LDAP, after searching with the user search filter. Go to Configuring Security Settings (AD/LDAP).

8. Configure the following values in either owl-env.sh or ConfigMap:
   • LDAP_ROLES_PROP_NAME
   • LDAP_USER_SEARCH_ATTRIBUTE

   For the details about the owl-env.sh script settings for Search Configuration, go to Configurations in owl-env.sh or ConfigMap.