# LDAP / Active Directory SSO

FileMage Gateway supports synchronizing and authenticating users using LDAP from Active Directory. Users that are created from LDAP synchronization are created with no storage endpoints and no permissions. These configurations must be set in the management portal after the user is created.

Users that are created from LDAP synchronization are automatically configured to perform password authentication over LDAP. To disable this setting and use passwords stored in the application, deselect LDAP Password authentication on the edit user page.

Users that were not created from LDAP synchronization can be configured to perform password authentication over LDAP by selecting that option at any time.

If the LDAP configuration is removed from the application configuration file, all LDAP password authentication will be automatically disabled.

# Sample Configuration

The following sample configuration will synchronize users using the userPrincipalName attribute once every 60 minutes.

```yaml
ldap_url: "ldap://ldap.mycompany.com:389"
ldap_username: "uid=admin,ou=system"
ldap_password: "secret-admin-password"
ldap_base_dn: "ou=users,dc=mycompany,dc=com"
ldap_username_attribute: "userPrincipalName"
ldap_start_tls: yes
ldap_sync_interval: 60
```
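The sample above reaches the directory on the plain `ldap://` port, so `ldap_start_tls` is the only setting that protects the bind password and user passwords in transit. The following pre-deployment check is an added example, not part of FileMage Gateway: the function names and finding codes are hypothetical, and it assumes that password authentication uses LDAP simple bind and that an `ldaps://` URL is accepted.

```python
from urllib.parse import urlparse

TRUTHY = {"yes", "true", "on", "1"}

# The sample from this page, and a constructed weak variant of it.
SAMPLE = '''\
ldap_url: "ldap://ldap.mycompany.com:389"
ldap_username: "uid=admin,ou=system"
ldap_password: "secret-admin-password"
ldap_base_dn: "ou=users,dc=mycompany,dc=com"
ldap_username_attribute: "userPrincipalName"
ldap_start_tls: yes
ldap_sync_interval: 60
'''
WEAK = SAMPLE.replace("ldap_start_tls: yes", "ldap_start_tls: no").replace(
    '"secret-admin-password"', '""')


def parse_config(text):
    """Parse flat `key: value` lines, the only YAML shape used in the sample."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        cfg[key.strip()] = value.strip().strip('"').strip("'")
    return cfg


def audit_ldap_config(text):
    """Return a list of finding codes for transport and bind weaknesses."""
    cfg = parse_config(text)
    findings = []
    scheme = urlparse(cfg.get("ldap_url", "")).scheme
    start_tls = cfg.get("ldap_start_tls", "").lower() in TRUTHY
    if scheme not in ("ldap", "ldaps"):
        findings.append("bad-url")
    elif scheme == "ldap" and not start_tls:
        # Simple binds over plain ldap:// expose the bind and user passwords.
        findings.append("cleartext-bind")
    elif scheme == "ldaps" and start_tls:
        # Assumption: ldaps:// is accepted; StartTLS cannot run on top of TLS.
        findings.append("tls-conflict")
    if not cfg.get("ldap_password"):
        # An empty password with a DN is an unauthenticated bind (RFC 4513).
        findings.append("empty-bind-password")
    return findings
```

The page's sample passes with no findings; the constructed `WEAK` variant is flagged for both a cleartext bind and an empty bind password.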