By integrating with your Lightweight Directory Access Protocol (LDAP) directory, you can enable LDAP-based user accounts to authenticate with Acquia DAM Classic. The integration should be handled by your company’s LDAP admin, who must have an Acquia DAM Classic account with admin privileges.
Configuring an LDAP connection
To establish an LDAP connection from Acquia DAM Classic, complete the following steps:
Sign in to Acquia DAM as an admin.
Click the gear icon in the upper right corner of the page, and then click System Preferences.
In the left menu, scroll to LDAP Settings.
Enter values in the following fields to provide your LDAP Server settings:
Enable checkbox - Select this checkbox to enable LDAP authentication for Acquia DAM Classic after you have completed and verified your configuration.
Server - LDAP server hostname or IP address
Base DN - Search Base Distinguished Name (DN), such as in the following example:
ou=users, dc=company, dc=comPort - Common ports are 636 for SSL connections, and 389 for non-SSL connections, including TLS. Ensure proper firewall access is enabled to the Acquia DAM Classic production IP addresses (
52.70.22.230,52.70.142.178)SSL checkbox - Select this checkbox if SSL LDAP port is in use
Username - (not necessary for an anonymous bind) The Bind DN. For example,
cn=service_account, ou=admin, dc=company, dc=comPassword - (not necessary for anonymous bind) Password for Bind DN
Groups - (optional) Group membership of the LDAP user account, for example,
usersSearch - Attribute to locate LDAP user account, such as
uid. For Active Directory setups, use:sAMAccountName
To test your connection, in the Test Connection panel enter a Username and Password, and then click Test Connection. Possible test status messages are listed in the connection messages table.
In the Settings panel, select Enable to enable LDAP authentication in Acquia DAM Classic.
Click Save to commit your changes.
Users can now sign in using their LDAP credentials.
Verifying your LDAP login
Complete the following steps to verify that LDAP logins are functioning correctly:
Go to
http://company.example.com/splash.phpto test the LDAP login, replacingcompany.example.comwith your company’s domain name.At the sign-in page, enter a username and password that reside in the LDAP database, and then click Login. If the login is successful, you will receive a Registration successful notification. If the login was not successful, refer to the connection messages table.
Approving new users by default
If you would like new user accounts propagated from LDAP to be approved by default, complete the following steps:
Sign in to Acquia DAM as an admin.
Click the gear icon in the upper right corner of the page, and then click System Preferences.
In the left menu, scroll to Preferences.
In the Users and Groups section, clear the New users must be approved after registering checkbox. This change will take effect immediately.
Connection messages
The following table describes possible connection messages from Acquia DAM Classic when testing your LDAP connection:
Message | Description |
|---|---|
Success. Was able to connect and authenticate user | LDAP configuration is successful. LDAP authentication is ready to be enabled in Acquia DAM Classic. |
LDAP error message: (-1) - Can’t contact LDAP server | Acquia DAM Classic is unable to connect to LDAP server. Allow proper firewall access to LDAP server and LDAP port for the Acquia DAM Classic Production IP addresses 52.70.22.230 and 52.70.142.178. |
LDAP error message: (34) - Invalid DN syntax | Bind DN is misconfigured. Supply proper Bind DN credentials or remove for Anonymous binds. |
LDAP error message: (49) - Invalid credentials | Supplied LDAP credentials may be incorrect. Submit proper LDAP credentials. The attribute search may also be incorrect. Make to supply correct attribute to locate LDAP account. |