Chat now with support
Chat with Support

One Identity Safeguard for Privileged Sessions 5.7.0 - YubiKey Multi-Factor Authentication - Tutorial

[ldap]

This section contains the settings you configure when you need to use an LDAP query to map the usernames from your audited sessions to the usernames in YubiKey.

To look up the YubiKey username of the user from an LDAP/Active Directory database, configure the [ldap] section of the Safeguard for Privileged Sessions YubiKey plugin. Typically, the Safeguard for Privileged Sessions plugin queries the email address corresponding to the username from your LDAP or Active Directory database. For details on LDAP parameters, see Safeguard for Privileged Sessions YubiKey plugin parameter reference.

If you configure both the append_domain parameter and the [ldap] section of the Safeguard for Privileged Sessions YubiKey plugin, Safeguard for Privileged Sessions appends the @ character and the value of the append_domain parameter to the value retrieved from the LDAP database.

For other methods of mapping gateway usernames to YubiKey usernames, see Mapping Safeguard for Privileged Sessions usernames to YubiKey identities.

[ldap]
ldap_server_config=<Safeguard for Privileged Sessions-LDAP-server-policy-name>
filter=(&(cn={})(objectClass=inetOrgPerson))
user_attribute=CN
ldap_server_config
Type: string
Required: no
Default: N/A

Description: The name of a configured LDAP server policy in Safeguard for Privileged Sessions. For details on configuring LDAP policies, see "Authenticating users to an LDAP server" in the Administration Guide.

filter
Type: string
Required: no
Default: (&(cn={})(objectClass=inetOrgPerson))

Description: The LDAP filter query that locates the user based on the gateway username. The plugin automatically replaces the {} characters with the gateway username from the session.

filter=(&(cn={})(objectClass=inetOrgPerson))
user_attribute
Type: string
Required: no
Default: cn

Description: The name of the LDAP attribute that contains the YubiKey username.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating