A Lightweight Directory Access Protocol (LDAP) helps with finding information on a network - be it a company's intranet or even the whole worldwide web. It is part of X.500, a standard network directory service.
Does all of that sound familiar? Then the next step is to find out directly how and for what purpose you can use Zammad's LDAP integration.
LDAP for authentication
In Zammad, we use LDAP for authentication purposes. With our LDAP, you can easily use existing authentication systems without having to update more than one source. Also, password policies are ensured by your LDAP source - Zammad will always contact your LDAP server for authentications.
You can easily connect your existing LDAP to your Zammad instance. The system will automatically synchronize with your LDAP on an hourly basis and updates all changes: new users, deleted users, deactivated users... simply maintain your LDAP as before and your Zammad will be up to date, too!
Moreover, import user rights and accesses by configuring a rule like:
all users that are XX will be imported as agents, the rest will be imported as customers
Those rules can be individually set up, meeting your needs exactly.
To configure an LDAP integration, simply go to System → Integrations → LDAP in the admin panel. Now you're in for a surprise: say hello to our Configuration Wizard!
The wizard will take you through every step of the set-up. Technically you can map any LDAP object to a Zammad user object (this also works for Custom Objects!). The wizard even lets you define the wanted LDAP-group-to-Zammad-role mapping with the above-mentioned rules.
In cases where your LDAP system, like Okta, imposes restrictions on anonymous bind, Zammad is designed to recognize and accommodate this limitation. Consequently, instead of a pre-filled select field, Zammad provides users with an editable "Base DN" text field.
Read more in the Admin Documentation.