Authenticating with LDAP

LDAP

LDAP, although a standard, is highly configurable and not always deployed in the same manner across organizations. Humio provides two ways to authenticate, using LDAP and fetch group membership.

  • ldap is the more common method and should be tried first.

  • ldap-search is useful when the user authenticating with Humio can’t search within the LDAP directory service.

Before configuring LDAP you need to ensure that a root account exists on the system. You can do this either by adding the user name (the full name including domain name) through the User Administration Page in the Web UI, or using the API: root access.

LDAP can be tricky; we have a tool available upon request that can make it easier to test the values required to use Humio outside of running Humio itself, and with more detailed and helpful messages.