Setup LDAP Identity Source via miniOrange Broker Service

On-the-fly User Creation from a LDAP User Store

miniOrange supports on-the-fly user creation in miniOrange from an external LDAP directory. This would simplify the sign-on process from an external directory without the need to set up scheduled sync from the external directory. After the creation of users on-the fly, it would be possible to set up Two Factor Authentication and Fraud Prevention policies for the users in order to enhance security.

Pre-requisite:

Custom branded URL needs to be set.

The following steps allow to setup On-the-fly User Creation from a LDAP User Store. They require a LDAP User Store to be setup in miniOrange. To setup a LDAP User Store in miniOrange, you can follow the guide in the link.

  1. Navigate to the miniOrange Admin Console through the branded login URL.
  2. Head over to the User Stores section on the left navbar.
  3. Click on Edit for the LDAP Directory with which the On-the-fly user creation needs to be enabled.
  4. You need to ensure that the following attributes are set.
    • Username attribute: This would be the LDAP Attribute mapped to the username in miniOrange.
    • Email attribute: This would be the LDAP Attribute mapped to the email address in miniOrange.
  5. Enable the Sync users in miniOrange option.

6. Click on Save.

At this point, users will be created in miniOrange when a connected application is accessed or if a directory user tries to access the miniOrange dashboard.