Skip to main content

Integrate OpenLDAP for SSO Authentication

Access the SafeSquid User Interface

Enable Authentication

Click on configure

Click on configure

clicking on application setup

clicking on access restriction in application setup

By default, SSO is TRUE don't change anything here

Dont change Anything in Global Section

By default SSO is TRUE don't change any thing here

safesquid comes with some default entries under allow list. You can edit or create a new entry as per your requirement

See the working of each Entry here

default entry given for adding LDAP users into a single user group

clicking on edit policies to edit the default policy

by default enabled field is false. make it true

adding comment for future reference

when your want to trace an entry make it true in the trace entry field otherwise leave it as false

in LDAP profiles selecting the users or user groups you want to set the authentication for

If you want to Authenticate all users from Active Directory Leave this field empty.

note

If you want to leave this field blank make sure that the user or IP address from where you are accessing SafeSquid interface must be free from authentication.

leaving the profiles,Interface and IP address fields blank

leaving PAM authentication true as it is

leaving the username and password field empty

Clicking on access list, you can remove or give the interface access to the users

after removing the config it will show the information about web interface in the drop down

leaving Bypass, Interface username and Interface password field balnk

adding a name in the add to user group section

clicking on save policy

after saving the entry will look something like this

cloning the previous entry to setup authentication for other users. you can create a new entry as well

adding the new users to the clone entry created

clicking on edit policies

entering comment for future reference,clicking on LDAP profiles and selecting the user group from the drop down menu and adding the user group name

clicking on save policy

showing of original entry and cloned entry

default entry for network administrators. adding your network administrators to this entry

clicking on editing policy

clicking on drop down menu to select the administrators

you can keep the default user group as admins or can change

clicking on the save policy

default entry to authenticate all users from AD which are not added in earlier entries

Verifying SSO Authentication

clicking on reports in the safesquid dashboard

clicking on detailed logs

confirming that the SSO authentication is working by seeing the username of the user in safesquid detailed logs