One of the most important and required features while doing LDAP SSO is to restrict which users can login using their LDAP credentials and which all users can use their local Drupal credentials to login into your site.
In the Drupal LDAP/Active Directory Integration module , you can choose from the following different types of login restrictions:
This option allows your user to login using their LDAP credentials as well as their Drupal Credentials. This feature comes in handy when your users reside both in LDAP as well as Drupal.
This option allows your Drupal administrators to login using either their LDAP or Drupal username and password. However, for the rest of your users, they can only login to your site using their LDAP credentials.
This feature is useful as it provides sort of a backdoor entry to your Drupal site in case your LDAP server is facing any issues. This feature also comes in handy when your Drupal site maintainers are not a part of your LDAP user organization.
Selecting this option will restrict all of your users to log in using only their LDAP Credentials. In this case, no user will be able to access your Drupal site using their Drupal credentials.
If you want any assistance to configure the module or want to try the fully featured 7-days trial version of the module feel free to reach out to us at email@example.com