1 Reply Latest reply on Apr 12, 2018 10:38 AM by John Handberg

    Anyone implemented LDAP/LDAPS with AD groups.

    shaun_9999

      I use windows sign in for all of the accounts that log on to solarwinds.

      I currently have them set in groups of:

       

      - Admins

      - 4th/3rd line

      - 1st line

      - contractors/other.

       

      I have set the permissions accordingly for the requirement of the job.  I have seen the feature of using LDAPS.  I have tested it and it works, but I am wondering if I will break all of my permissions and sign ons.  Anyone setup LDAPS with AD groups and have they had any issues with this?

      Is there even a need to use LDAP?

        • Re: Anyone implemented LDAP/LDAPS with AD groups.
          John Handberg

          Part of this may depend on company policy, other parts on efficiency.  In my previous job, we were required to use AD authentication for all apps, including SolarWinds so that password policy was maintained, and additional username/passwords were not required.

           

          Where I am now, AD groups are far more efficient.  We are a very large organization.  We can set the permissions for the different groups.  Teams generally see most everything, but Server teams only have permissions to change server items, network teams network items, VM teams VM items.  We don't have to have different permissions per user, just per group.  And the AD group membership is maintained by the teams or AD admins so we don't have to deal with that or with password resets.