Softerra LDAP Administrator HelpShow AllHide All

Basic Concept of Credentials

Most LDAP servers are protected by various security mechanisms, which means that one often has to get authenticated in order to access the target server. Information required for this purpose is represented by credentials - sets of arbitrary data that need to be provided to secure an authorized connection. LDAP Administrator offers users a centralized, well-protected mechanism to store and manage credentials with an ability of their multiple reuse after just a one-time original input.

Suppose you have a few server profiles pointing to an LDAP server that requires authentication. In order to access a server those profiles are bound to, you will no longer need to input appropriate credentials multiple times for each profile - this can be done by retrieving the ones originally entered and appropriate for the given server via the Credentials Manager. In case your credentials get changed, or if you don't want the application to store your password anymore, you won't have to modify each of the profiles accordingly - instead it'll be just enough to edit a single record describing your credentials for the changes to be automatically applied to all the profiles using those credentials.

Once you have specified credentials to access an LDAP server using LDAP Administrator, they become available via the Credentials Manager and can be used for the purposes of creating or modifying profiles, following referrals, etc. LDAP Administrator can even attempt to automatically match credentials required for referral rebind when handling referrals.

Usually credentials are bound to just a single LDAP server based on its host and port, which makes it easier to select appropriate credentials required for connection. However, at times you may want to use one set of credentials to get authenticated to a number of different LDAP servers. For this purpose we recommend you use Credentials Manager to give credentials a 'shared' status in order to enable their use for multiple LDAP servers.

Credentials are not stored in LDAP profiles, which means that deleting a profile will not in any way affect the credentials it's been using - a feature that provides for the multiple reuse of credentials.

See Also