Add LDAP DataStores

Adding Data Stores

  1. Navigate to your Access Gateway Instance.
  2. Select the Settings tab.
  3. Select the Data Stores pane.
  4. Select (+) > SQL Database or (+) > LDAP Database.


Configuring an LDAP Datastore

After you select LDAP Database, the Create New DataStore wizard starts, initialized for LDAP creation.

  1. Enter the following details:
    | Field | Description | Example |
    | --- | --- | --- |
    | Name | Name used to identify the data store. | My LDAP Datastore |
    | LDAP Connection String | URL to LDAP Server and port. | ldap://myldap.example.com:10362 |
    | Bind User | Username used to perform reads and writes. | CN=Administrator,CN=Users,DC=example,DC=com |
    | Bind User Password | Bind User Password. | password |
    | Search DN | The base DN from which to perform the search. | CN=Users,DC=example,DC=com |
    | Matching Filter | The filter used to match records returned from the Search DN. | (mail=${email@idp}) |

    Caution

    Fields used in the Matching Filter clause MUST be defined as attributes for the application. If a field is not listed as an application attribute, an error will result.

  2. Click the Not Validated button when complete.
    Okta Access Gateway will validate the connection to LDAP.
    On success the button will turn green and show that the connection is valid.
  3. Manage Available Fields
    After validation, all fields from within a data store are automatically added to the Available Fields list.
    To remove a field from the data store:
    1. Place the cursor directly before a field to be removed.
    2. Press the Delete key to remove the field.

    To add a field to the data store:

    1. Place the cursor anywhere into the list of fields.
      Note that the new field will be added to the list at the position of the cursor.
      Position in the list has no impact on the availability of fields in a data store.
    2. From the list of unused fields click the name of a field to add it to the list of available fields.
    Important Note

    By default, data stores are created disabled. To use a data store, activate it as shown below.

Test

To test an LDAP datastore:

  1. In the row associated with the LDAP data store click the simulate button.
  2. For each LDAP field in the Matching Filter, enter a value.
  3. Click Test to run the simulation.
    Click Close to end the simulation.
  4. Examine the result which should return data from the data store for the provided filter fields.
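
The following is an added example, not part of the original Okta documentation or Access Gateway code. It shows one way to pre-check a Matching Filter before running the simulation: it lists the fields the filter references, rejects any that are not defined as application attributes (the condition the Caution describes), and expands the filter with RFC 4515 escaping so a test value is matched literally. The `${name@source}` syntax is inferred from the single example on this page, and the function names and the attribute dictionary are hypothetical. How Access Gateway itself substitutes or escapes values is not described here.

```python
import re

# Placeholder syntax inferred from the page's one example: ${name@source}.
PLACEHOLDER = re.compile(r"\$\{([^@{}]+@[^@{}]+)\}")

# RFC 4515 section 3: characters that must be escaped inside an assertion value.
RFC4515_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a value so it is matched literally and cannot alter the filter."""
    return "".join(RFC4515_ESCAPES.get(ch, ch) for ch in value)


def filter_fields(template):
    """Return the placeholder names used in a Matching Filter, in order."""
    return PLACEHOLDER.findall(template)


def render_filter(template, app_attributes):
    """Expand a Matching Filter using application attributes (hypothetical helper).

    app_attributes maps "name@source" to the value under test. A placeholder
    with no matching attribute is an error, mirroring the Caution above.
    """
    missing = [f for f in filter_fields(template) if f not in app_attributes]
    if missing:
        raise ValueError("not defined as application attributes: " + ", ".join(missing))
    return PLACEHOLDER.sub(lambda m: escape_filter_value(app_attributes[m.group(1)]), template)


if __name__ == "__main__":
    template = "(mail=${email@idp})"  # Matching Filter from the table above
    # Constructed sample values, including LDAP filter metacharacters.
    for value in ("alice@example.com", "a*b(c)@example.com"):
        print(render_filter(template, {"email@idp": value}))
```

The rendered filter can be run with any LDAP client against the Search DN to compare its result with what the simulation returns.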