LDAP/ AD Integration to UM

Hi All,

We are trying to integrate UM to the LDAP/ AD. The activities what we anticipate to perform are:

  • Create Group as Publishing, Subscribing in the LDAP/ Microsoft AD
  • In the Nirvana Enterprise Manager - Security Groups, assign this LDAP group
  • Configure all UM Authentication & Authorization would happen in LDAP/ AD

What would be the expected outcome:-
a) User tries to login to publish a message
b) User gets authenticated against LDAP/ AD
c) User LDAP/ AD Role is checked against what is assigned to the Security Group
d) Based on whether the user is assigned to this security group or not, the user should be able to/ get prevented from performing the subsequent tasks.

Would appreciate your answers to this, let me know if you have any queries.



LDAP with UM can only be used for authentication of users, i.e. checking their password. You cannot use LDAP group membership to drive authorization within UM.
You could achieve this, however, by writing some code that creates UM groups that match the LDAP groups and sets the relevant users to be members of those groups. This can be done using the public UM admin API.
You would then schedule this program to run on a regular basis, e.g. daily, depending on the anticipated frequency of group membership updates in LDAP.

Thanks Jonathan for your quick response, appreciate!!
your feedback helps me to decide on the next course of action.