Cyware Threat Intelligence eXchange

Configure LDAP as the Authentication Method

You can use Lightweight Directory Access Protocol (LDAP) directory services to authenticate users who access Cyware applications. This authentication method requires users to provide a valid username and password combination, as configured in the LDAP directory, to sign in to the application.

Note

Users with active accounts in User Management can sign in using their LDAP credentials. For more information, see Create User.

Feature availability matrix

CTIX Enterprise | CTIX Lite | CTIX Spoke
Yes             | No        | No

Before you Start

Ensure that the application servers have active network connectivity with the LDAP server.

Steps

To configure the LDAP authentication method, do the following:

  1. Go to Administration > Configuration > Authentication.

  2. Select LDAP and click Edit at the top-right corner.

  3. Enter the following details:

    • Domain Name: Enter the domain name of the LDAP server database. For example, lab.cyware.com.

    • Server IP/Domain: Enter the IP address or URL of the LDAP server database. For example, 1.1.1.1.

    • Port: Enter the port number of the LDAP server to connect to the database. For example, 389.

    • Domain Controller: Enter the details for the LDAP domain name. These details are provided by the LDAP admin of your organization. For example, com.

    • SSL encrypted: Enable this option to encrypt the application connection with the LDAP server.

    • Two Factor Authentication: Enable this option to authenticate users with their LDAP credentials and a one-time password (OTP). Two-factor authentication adds an extra layer of protection against unauthorized access to the applications. Select one of the following two-factor authentication types:

      • Email: Requires an OTP that is sent to the email ID of the user to authenticate.

      • TOTP: Requires an OTP from an authenticator application to authenticate. Users must configure a TOTP authenticator application, such as Google Authenticator or Okta, from the sign-in page. For more information, see Register TOTP Authenticator App.

  4. Click Save.
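
A pre-flight check for the Server IP/Domain, Port, and SSL encrypted values from step 3, meant to be run from an application server. This is an added example, not Cyware code. It assumes that SSL encrypted means LDAPS (TLS from the first byte of the connection); the function names and the sample host are hypothetical.

```python
import ipaddress
import socket
import ssl


def review_ldap_settings(server, port, ssl_enabled):
    """Warn about risky combinations of Server IP/Domain, Port and SSL encrypted."""
    warnings = []
    if not ssl_enabled:
        warnings.append("SSL encrypted is off: a simple bind sends the password in cleartext")
        return warnings
    if port == 389:
        warnings.append("port 389 is the plain LDAP port; LDAPS conventionally listens on 636")
    try:
        ipaddress.ip_address(server)
        warnings.append("server is an IP address: its certificate needs a matching IP SAN")
    except ValueError:
        pass  # a DNS name is matched against the certificate's DNS SANs
    return warnings


def probe(server, port, ssl_enabled, timeout=5.0):
    """Connect as the application server would; with SSL, validate the certificate too."""
    try:
        with socket.create_connection((server, port), timeout=timeout) as sock:
            if not ssl_enabled:
                return "tcp-ok"
            ctx = ssl.create_default_context()  # verifies chain and hostname
            with ctx.wrap_socket(sock, server_hostname=server) as tls:
                return "tls-ok " + tls.version()
    except ssl.SSLError as exc:  # must precede OSError, its parent class
        return "tls-failed: " + str(exc)
    except OSError as exc:  # refused, timed out, or name not resolved
        return "unreachable: " + str(exc)


if __name__ == "__main__":
    # Constructed values; replace with the ones entered in step 3.
    host, port, use_ssl = "ldap.example.com", 636, True
    for w in review_ldap_settings(host, port, use_ssl):
        print("WARN", w)
    print(probe(host, port, use_ssl))
```

A "tls-failed" result with SSL enabled usually points to an untrusted issuing CA or a certificate name that does not match the value entered in Server IP/Domain.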

Activate LDAP Authentication Method

Activate the LDAP authentication method to enable the users to sign in to CTIX using their LDAP directory credentials.

To activate the LDAP authentication method, do the following:

  1. Go to Administration > Configuration > Authentication.

  2. Select LDAP and click Edit.

  3. On the top-right, enable Active LDAP.

  4. Enter your LDAP server username and password and click Connect.

    Note

    CTIX does not save your LDAP server credentials.

  5. Click Save.

On the CTIX sign-in page, users can now select LDAP as an authentication method to sign in using their LDAP directory credentials.

Update User Account with LDAP Username

To update the LDAP usernames of users in User Management, do the following:

  1. Go to Administration > User Management.

  2. Under User Listing, select a user and click More > Edit on the right.

  3. Enter the LDAP directory username in Username.

  4. Click Update User.