ONARKEN’s LDAP integration enables real-time user authentication when users scan their ID badges at the lockers. Unlike a traditional import or synchronisation process, this setup directly queries your Active Directory to verify credentials at the moment of badge scan.
Key Concepts
- Real-Time Authentication:
  - When a user scans their ID badge, ONARKEN queries your LDAP Active Directory to authenticate the user.
  - This ensures that only authorised users with valid credentials can access lockers.
- Role and Access Group Mappings:
  - LDAP integration still relies on configured Role and Access Group mappings in ONARKEN.
  - These mappings define the permissions and access rights for authenticated users.
Prerequisites
Before configuring the integration, ensure:
- Your ONARKEN instance is connected to Active Directory.
- You have administrative access to both ONARKEN and your LDAP Active Directory.
- The required attributes (e.g. card number) are available in your Active Directory schema.
For setup instructions, refer to the How to connect LDAP Active Directory? guide.
How LDAP Authentication Works
- ID Badge Scanning:
  - When a user scans their ID badge at the locker, ONARKEN extracts the badge ID and queries Active Directory.
- LDAP Query:
  - ONARKEN uses the configured Base DN and credentials to search for the user’s card number in Active Directory.
  - If the card number is found and valid, ONARKEN authenticates the user.
- Role and Access Check:
  - ONARKEN verifies the user’s Role and Access Group mappings to determine their permissions and access rights.
- Locker Access:
  - If the user is authenticated and has appropriate permissions, they are granted access to the lockers or assets.
Configuring Role and Access Group Mappings for LDAP Authentication
- Log in to the ONARKEN Management Platform: Use your administrator credentials.
- Access the Integrations Section: Navigate to Integrations in the main menu.
- Open LDAP Active Directory Configuration: Under LDAP Active Directory, click Configure Integration.
- Map Roles and Access Groups:
  - For each Role or Access Group you want to map, click the Pencil icon.
  - Use the search box to specify the Organisational Unit (OU) or security group name in Active Directory.
  - Click Add Mapping to save.
- Save Settings: Ensure all mappings are saved and reflect your organisational requirements.
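The flow under How LDAP Authentication Works, combined with the OU and security group mappings configured above, can be sketched as follows. This is an added example, not ONARKEN's own code: the `cardNumber` attribute name, the directory entries, the mappings and the in-memory `search` stand-in are constructed, and "valid" is assumed to mean the account is not disabled.

```python
import re

BASE_DN = "dc=example,dc=test"   # constructed Base DN
CARD_ATTR = "cardNumber"         # assumed attribute name; use the one in your schema
ACCOUNTDISABLE = 0x2             # Active Directory userAccountControl flag

# Constructed entries standing in for Active Directory (no escaped commas in DNs).
DIRECTORY = [
    {"dn": "cn=Ana Ruiz,ou=Nurses,dc=example,dc=test", "cardNumber": "100234",
     "userAccountControl": 512,
     "memberOf": ["cn=Ward-A,ou=Groups,dc=example,dc=test"]},
    {"dn": "cn=Bo Lind,ou=Porters,dc=example,dc=test", "cardNumber": "100777",
     "userAccountControl": 514, "memberOf": []},   # 514 = disabled account
]

# Constructed mappings: OU or security group name -> Role / Access Group.
MAPPINGS = {"ou=nurses": "Role: Clinical",
            "cn=ward-a": "Access Group: Ward A lockers"}

def build_filter(badge_id):
    """Build the search filter, escaping RFC 4515 special characters so the
    scanned value is always treated as data, never as filter syntax."""
    safe = re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), badge_id)
    return f"({CARD_ATTR}={safe})"

def search(ldap_filter):
    """Stand-in for a subtree search under BASE_DN; equality match only."""
    attr, _, raw = ldap_filter[1:-1].partition("=")
    value = re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), raw)
    return [e for e in DIRECTORY
            if e["dn"].lower().endswith(BASE_DN) and e.get(attr) == value]

def authorise(badge_id):
    """Return the mapped Roles/Access Groups for a badge, or [] to deny."""
    entries = search(build_filter(badge_id))
    if len(entries) != 1:                 # not found, or card number not unique
        return []
    user = entries[0]
    if user["userAccountControl"] & ACCOUNTDISABLE:   # disabled: not valid
        return []
    ous = [r.strip().lower() for r in user["dn"].split(",")[1:]
           if r.strip().lower().startswith("ou=")]
    groups = [g.split(",")[0].strip().lower() for g in user["memberOf"]]
    return sorted(v for k, v in MAPPINGS.items() if k in set(ous) | set(groups))
```

A user who authenticates but matches no mapping also gets an empty result, so access is denied by default until a Role or Access Group mapping exists for their OU or security group.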