This add-on allows you to authenticate users into your ExpressionEngine site using their LDAP/Active Directory credentials. You can map your LDAP/Active Directory attributes to ExpressionEngine user profile attributes and assign roles to your LDAP/ Active Directory users.
You can perform authentication against various LDAP servers such as Microsoft Active Directory, Azure AD, OpenLDAP, FreeIPA, JumpCloud and more.

LDAP Configuration

• In the LDAP Configuration tab, select the directory server protocol (LDAP / LDAPS) from the dropdown then enter the hostname or IP address of the directory server and select the server port number (389/636). You can enter a custom port number if you have one.
• Username: Enter the service account username.
• Password: Enter the password of the service account username.
• Search Base: Enter the search base in the given format. Users will be searched under the entered search base for authentication.
  Entering multiple search bases are supported in our premium version of the plugin.
• Username Attribute: Enter the LDAP Username Attribute. This will be the username for the LDAP users that log in to the ExpressionEngine website.
  You can use any username attribute, some common attributes are: sAMAccountName, userPrincipalName, mail, cn, etc.
  Logging in with multiple attributes are supported in the Premium Version of the plugin.
• Click on the checkbox to keep the plugin configuration upon install.
• Click on the Test Connection & Save button.

Test Authentication

• Username: Enter the LDAP / Active Directory Username.
• Password: Enter the LDAP / Active Directory Password.
• Click on the Test Authentication button.

Sign-In Settings

• Enable the LDAP Login. This will protect your login page by your configured LDAP. Please check this only after you have successfully tested your configuration.
• Click on the Save Configuration button.

Role Mapping

• Enable Role Mapping: Click on the checkbox to enable the role mapping. After enabling thr role mapping, default selected role will be assigned to the user.
• Do not override existing role: Enabling this checkbox will add the new role to the user without overriding the existing roles.
• Default Role: Click on the dropdown to select the default role.