LDAP integration query

Hi Expert, I have a question regarding LDAP integration.
We have successfully integrated with LDAP with the below, and LDAP users can log in.

Now the customer has an additional requirement for a smaller group of users and has created a cn in LDAP, ou=KAWAN_GROUPS & cn=SP


and put in the additional parameter REQUIRED LDAP GROUP DN

but this doesn't work.
The question is: is the above understanding of the REQUIRED LDAP GROUP DN parameter correct?
If not, please help explain what REQUIRED LDAP GROUP DN is for.

Another question: we are trying to use ROLE MAPPINGS in the right section. We put the LDAP DN member on SYSTEM ADMIN, but after logging in the user is still created with the DEFAULT ROLE, which is Standard User. Is this expected behaviour?

For better understanding, this question comes from my customer. They want to know the features/capabilities of the LDAP integration; there is not much information about this parameter in the Morpheus docs.

Required Group means everyone authenticating to Morpheus with your LDAP integration must belong to that group to even be able to log in.

Now Required Group and Role Mappings both require group membership being passed and parsed correctly. At the lower left of the Identity Source you’ll see LDAP Attribute Names where you must define Member of Attribute Name (normally this is just ‘memberOf’):

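A sketch of the logic described in the reply above, as an added example that is not Morpheus code and not part of the original posts: a required-group login gate and a role mapping, both driven by the values of the configured member-of attribute. The function names, the dc=example,dc=com suffix, the cn=SP-Admins group, the user entries and the case-insensitive DN comparison are assumptions made for illustration.

```python
# Illustration only, not Morpheus source. All DNs and entries are constructed.
MEMBER_OF_ATTR = "memberOf"   # the "Member of Attribute Name" setting
REQUIRED_GROUP = "cn=SP,ou=KAWAN_GROUPS,dc=example,dc=com"
ROLE_MAPPINGS = {"System Admin": "cn=SP-Admins,ou=KAWAN_GROUPS,dc=example,dc=com"}
DEFAULT_ROLE = "Standard User"


def norm_dn(dn):
    """Normalize a DN for comparison (simplified: no escaped-comma handling)."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        parts.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return ",".join(parts)


def groups_of(entry):
    """Return the normalized group DNs found in the member-of attribute."""
    values = entry.get(MEMBER_OF_ATTR, [])
    if isinstance(values, str):   # a single value may arrive as a plain string
        values = [values]
    return {norm_dn(v) for v in values}


def evaluate_login(entry, required_group=REQUIRED_GROUP):
    """Return (allowed, roles) for an already-authenticated directory entry."""
    groups = groups_of(entry)
    if required_group and norm_dn(required_group) not in groups:
        return False, []          # not in the required group: login refused
    roles = [r for r, dn in ROLE_MAPPINGS.items() if norm_dn(dn) in groups]
    return True, roles or [DEFAULT_ROLE]


# Constructed sample entries.
ADMIN = {"cn": ["alice"],
         "memberOf": ["CN=SP,OU=KAWAN_GROUPS,DC=example,DC=com",
                      "cn=SP-Admins, ou=KAWAN_GROUPS, dc=example, dc=com"]}
MEMBER = {"cn": ["budi"], "memberOf": "cn=SP,ou=KAWAN_GROUPS,dc=example,dc=com"}
NO_ATTR = {"cn": ["citra"]}       # directory returned no member-of values

if __name__ == "__main__":
    for e in (ADMIN, MEMBER, NO_ATTR):
        print(e["cn"][0], evaluate_login(e))
    print("no required group:", evaluate_login(NO_ATTR, required_group=None))
```

In this sketch, an entry that carries no member-of values is refused when a required group is set and falls through to the default role when it is not, regardless of what the group object in the directory lists as its members.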

Hi CBunge,
Thanks for the response.
Actually, what we want to achieve is to create a group of users with a cn inside an ou, and only allow those particular users with the specified cn to log in.
I found the discussion reference below.

But when I put in the parameter “USER DN EXPRESSION” with the cn specified as in the above discussion reference, cn=$username,cn=group,ou=ou1,dc=tc,dc=local, it always gives an error, and I couldn't do SAVE CHANGES.

Any insight?

Your logs under Administration > Health > Morpheus Logs would give you more insight on why the save is possibly failing. It may be best to open a support ticket if you continue to have issues.

Also, a note, if you are using OpenLDAP you’ll need to be on at least Morpheus 6.0.1 per that previously linked thread.