Here we are giving steps to configure AD as User Store. You can configure any IDP like AD, OpenDS which supports LDAP to single sign-on into apps which doesn’t support SAML or any protocol for single sign-on. Like using our broker service you can sso into any app supporting other protocols like OAuth, OpenID Connect, JWT, etc.
Here we are giving steps to configure AD as IDP & connect it with miniorange broker to single sign-on into WordPress using SAML protocol.
1. Navigate to miniOrange->User Stores->Add User Store->AD/LDAP. Add following values
|Directory Type||Active Directory|
|LDAP Server URL||Your AD server URL or IP address|
|Bind Account DN||Please perform step-2|
|Bind Account Password||Please perform step-3|
|Search Bases||Please perform step-4|
|Search Filter||Please perform step-5|
2. Go to AD FS->Domain->respective Users-> Properties->Attribute Editor. Now copy the value of distinguishedName & paste it against Bind Account DN
3. Enter the valid password for the user from step-2
4. Search Base is a user search location. It means where to search for a user.
5. If you want to add extra conditions on user search you can add it in Search Filter. If you not sure what to add then add (&(objectClass=*)(cn=?)).
6. Click on save. After this, it will show you the list of User stores. Click on Test Configuration to check whether you have enter valid details. For that, it will ask for username & password.
Note: Refer our document to see our step by step guide to setup LDAPS on windows server.