Add LDAP DataStores
- Navigate to your Access Gateway Instance.
- Select the Settings tab.
- Select the Data Stores pane.
- Select (+)> Sql Database or (+) > LDAP Database.
After you select LDAP Database, the Create New DataStore wizard opens, initialized for LDAP data stores .
- Enter the following details:
Field Description Example Name Name used to identify the data store. My LDAP data store LDAP Connection String URL to LDAP server and port. ldap://myldap.example.com:10362
Username used to perform reads and writes.
Bind User Password
Bind User Password.
The base DN from which to perform the search.
The filter used to match records returned from the Search DN.
Fields used in Matching Filter clause must be defined as attributes for the application. If the field is not listed as an application attribute, a run time error will result.
Attributes used exclusively in where clauses should be marked don't send.
See Manage application attributes for more information.
Click the Not Validated ()button when complete. Okta Access Gateway validates the connection to LDAP.
If the validation is successful, the button changes to Valid ().
Manage available fields
To remove a field from the data store:
- Place the cursor directly before a field to be removed.
- Click the keyboard delete key to remove the field.
To add a field to the data store:
- Place the cursor anywhere in the list of fields.
Note: The new field is added to the list at the position of the cursor. Also, the position in the list has no impact on the availability of fields in a data store.
- From the list of unused fields, click the name of a field to add it to the list of available fields.
When data stores are created, they are set to inactive by default. To use a data store, activate it by changing the Active toggle from inactive to active.
To test an LDAP data store:
- In the row associated with the LDAP data store, click Simulate.
- For each LDAP field in the Matching Filter, enter a value.
- Click Test to run the simulation.
Click Close to end the simulation.
- Examine the result. It should be the data returned from LDAP based on the filter values supplied earlier.