Integration of AEM with LDAP | Community
Skip to main content
richac96395021
richac96395021
Level 4
March 22, 2018
Solved

Integration of AEM with LDAP

  • March 22, 2018
  • 3 replies
  • 2378 views

Hi Team,

I have certain queries regarding Integration of AEM with LDAP:-

1. While integrating AEM with LDAP do we require SSO.

2. Currently, we have integrated AEM with LDAP without SSO, it is working but while creating the login page for a web application do we need Custom Authentication Handler, or what would be the best practice for the same.

3. In our project, there will be multiple user groups, we will be enabling the Closed user group functionality on certain pages after login. Will this be effective if we use Custom Authentication Handler or do we need to add a separate business logic.

4. After integrating AEM with LDAP, we have to manually sync the users using syncAllExternalUsers() options. Can there be a solution to resolve the same?

with regards,

Richa Chaubey

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Kunwarsaluja

1. While integrating AEM with LDAP do we require SSO.

- Not really.

2. Currently, we have integrated AEM with LDAP without SSO, it is working but while creating the login page for a web application do we need Custom Authentication Handler, or what would be the best practice for the same.

- Is it an intranet application ? Would the end-users be using LDAP login credentialss to login into your Web app ?

3. In our project, there will be multiple user groups, we will be enabling the Closed user group functionality on certain pages after login. Will this be effective if we use Custom Authentication Handler or do we need to add a separate business logic.

- This should still work OOTB. If users can login, are part of the CUG group and have the access to the content  This should just work.

4. After integrating AEM with LDAP, we have to manually sync the users using syncAllExternalUsers() options. Can there be a solution to resolve the same?

- You can use the LDAP jmx mbeans to sync all users in one go or can rely on auto-create users so once the users login, the users are created with default set of groups.

3 replies

smacdonald2008
smacdonald2008
Level 10
March 22, 2018

Watch this GEMS session that covers LDAP - it covers a lot of useful information -- Oak's External Login Module - Authenticating with LDAP and Beyond

K
Adobe Employee
KunwarsalujaAdobe EmployeeAccepted solution
Adobe Employee
March 22, 2018

1. While integrating AEM with LDAP do we require SSO.

- Not really.

2. Currently, we have integrated AEM with LDAP without SSO, it is working but while creating the login page for a web application do we need Custom Authentication Handler, or what would be the best practice for the same.

- Is it an intranet application ? Would the end-users be using LDAP login credentialss to login into your Web app ?

3. In our project, there will be multiple user groups, we will be enabling the Closed user group functionality on certain pages after login. Will this be effective if we use Custom Authentication Handler or do we need to add a separate business logic.

- This should still work OOTB. If users can login, are part of the CUG group and have the access to the content  This should just work.

4. After integrating AEM with LDAP, we have to manually sync the users using syncAllExternalUsers() options. Can there be a solution to resolve the same?

- You can use the LDAP jmx mbeans to sync all users in one go or can rely on auto-create users so once the users login, the users are created with default set of groups.

V
Adobe Employee
venkat_sankaranarayananAdobe Employee
Adobe Employee
October 18, 2019

Hi Kunwaar,

Suppose, if my requirement is just to preload all LDAP users in AEM  and do not use LDAP authentication after preloading, can i remove the LDAP Configuration after completion of JMX call?

Does it create any issue?

We are planning to preload and then SAML based authentication.

Regards,

Terms & ConditionsAccessibility statement

Loading footer...