Metacloud administrators manage project role authorization using the Identity service, while providing user authentication through the LDAP directory. The Identity service stores user credentials in a SQL Database and a Lightweight Directory Access Protocol (LDAP)-compliant directory server. LDAP simplifies integration of Identity authentication with an organization’s existing directory service, like Active Directory (AD), and user account management process. Authentication requests received by the Identity service delegate to the LDAP system.
The Identity v3 service allows for multiple domains. This means that a domain could have a different authentication back end. A domain contains information for user roles, groups, and group member lists. Administrators integrate LDAP by mapping the organizational unit in the LDAP directory to a role or a group of users in the Identity service domain. A successful authentication generates a token used for accessing authorized services available to your group or role.
To register an LDAP-based account:
If your Metacloud contains a domain that is configured to authenticate using an LDAP-compliant directory service, the Register User dialog is available for you to register your account for Metacloud access.
- In the Dashboard Log In page, select First time user? Register Here.
Provide your Active Directory user name, email address, and password.
The Register User form requires your full email address.
- Once you register, you can use your LDAP user name and password to log in to Metacloud.
When using LDAP, do not change your password using the Metacloud Dashboard. Change your password according to the policies of your organization and then use your new password to log in to Metacloud. If you have any concerns regarding a Dashboard or CLI login failure, contact your Metacloud administrator.