Local Directory Configuration
The software includes an out-of-the-box, embedded Local User Directory to manage users, groups, and group membership, which are used to define object permissions and roles.
In addition to the default "local" user directory, the software supports the creation of additional local user directories, which are configured on this page. This functionality enables the delegation of security management to regional or departmental divisions.
The Local User Directory is utilized across various components of the system:
- Authentication - When the Login button is pressed on the software's authentication screen, the software tries to authenticate the user with the provided account and password against each enabled Local User Directory marked with the "Direct Login" flag. The directories are tried sequentially, in alphabetical order. Users can select a particular Local User Directory for authentication by entering its name before the account name in the user field, separated by a backslash. For instance, entering "dir-name\account" logs in with a user from the specific local directory defined on this page.
- Authorization - The software uses account and group membership data obtained from the configured Local User Directory to verify permissions set for objects and roles. Groups in the Local User Directory may include users and group members sourced from other directories such as LDAP Servers, Entra ID tenants, and additional local user directories.
- Permissions - System owners can search for user accounts and groups in the configured Local User Directory to use in object and role permissions.
- Metadata - The software might use account metadata obtained from the configured Local User Directory to improve the visual presentation of different system functionalities. Examples of LDAP metadata include an account's Thumbnail or Display Name.
Note
Allowing users and groups from other directories to be members of local user directory groups presents an opportunity to define system object permissions and roles using the generic terms of local groups. This architecture separates the maintenance of local groups from a security architecture.
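The directory selection described under Authentication above, modelled as an added Python example (not the product's own code) that also lists account names an unqualified login would test in more than one directory. The directory names, accounts, case-insensitive sorting, and the handling of a qualified name that points at a disabled or non-Direct-Login directory are assumptions, not documented behaviour.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LocalDirectory:
    name: str
    enabled: bool
    direct_login: bool
    accounts: frozenset = frozenset()

# Constructed sample configuration; every name here is hypothetical.
DIRECTORIES = [
    LocalDirectory("local", True, True, frozenset({"admin", "alice"})),
    LocalDirectory("devops-eu", True, True, frozenset({"alice", "bob"})),
    LocalDirectory("au", True, False, frozenset({"bob"})),        # no Direct Login
    LocalDirectory("legacy", False, True, frozenset({"admin"})),  # disabled
]

def split_user_field(user_field):
    """Return (dir_name, account); dir_name is None for an unqualified name."""
    dir_name, sep, account = user_field.partition("\\")
    return (dir_name, account) if sep else (None, user_field)

def eligible(directories):
    """Enabled directories flagged Direct Login, in the order they are tried."""
    usable = [d for d in directories if d.enabled and d.direct_login]
    # Assumption: "alphabetical" means a case-insensitive sort on the name.
    return sorted(usable, key=lambda d: d.name.lower())

def login_order(user_field, directories):
    """Names of the directories a login attempt is checked against, in order."""
    dir_name, _account = split_user_field(user_field)
    tried = eligible(directories)
    if dir_name is not None:
        # Assumption: a qualified name targets only the named directory,
        # which must still be enabled and flagged Direct Login.
        tried = [d for d in tried if d.name.lower() == dir_name.lower()]
    return [d.name for d in tried]

def ambiguous_accounts(directories):
    """Account names an unqualified login would test in several directories."""
    hits = {}
    for d in eligible(directories):
        for account in d.accounts:
            hits.setdefault(account, []).append(d.name)
    return {a: names for a, names in hits.items() if len(names) > 1}

if __name__ == "__main__":
    print(login_order("alice", DIRECTORIES))
    print(login_order("local\\alice", DIRECTORIES))
    print(ambiguous_accounts(DIRECTORIES))
```

Account names reported by `ambiguous_accounts` are the ones where the qualified `dir-name\account` form removes any doubt about which directory answers the login.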
Create a new Local Directory Configuration
To create a new local directory configuration:
- Log in to the tenant with an Administrator or Configuration Manager account.
- Navigate to Configuration > Local Directory and click the Add button.
- Click on the parameter name for details about each, or follow the guidance provided here:
  - Name: Enter a unique but recognizable name for this Local Directory connection.
  - Base DN: This parameter defines the Base Distinguished Name of the local user directory branch. Administrators could create local user directory branches based on delegated access, geography, folder, or another categorization scheme. Examples of the Base DN include:
    - OU=devops,DC=corp
    - OU=devops,OU=eu,DC=corp
    - DC=au
  - Direct Login: Enable this option to allow accounts from this Local Directory to have native login to this 12Port tenant.
  - Enabled: Enable this integration.
Click the Save button to complete this integration.