LDAP Authentication

If you have a Control Hub on-premises installation and your company uses Lightweight Directory Access Protocol (LDAP), you can use the LDAP provider to authenticate Control Hub users. LDAP authenticates a user using the credentials stored in the LDAP server.

LDAP authentication is configured by the default system administrator - the admin@admin user account - for the entire Control Hub installation. To use LDAP authentication, the Control Hub system administrator configures LDAP connection information for Control Hub and then maps organization administrator accounts to LDAP users.

Organization administrators then create Control Hub user accounts and groups and map these to LDAP users and groups. Organization administrators also must configure a disconnected mode password for their user account so that they can log in to registered Data Collectors running in disconnected mode.

When LDAP authentication is enabled, users still require a Control Hub user account to log in to Control Hub or a registered Data Collector. After users enter their Control Hub user account name and LDAP password, Control Hub sends the authentication request to the LDAP provider.