Chapter 2. Adding a User Storage Provider (LDAP/Kerberos) to Ansible Automation Platform Central Authentication
Ansible Automation Platform Central Authentication comes with a built-in LDAP/AD provider. You can add your LDAP provider to central authentication to be able to import user attributes from your LDAP database.
Prerequisites
- You are logged in as an SSO admin user.
Procedure
- Log in to Ansible Automation Platform Central Authentication as an SSO admin user.
- From the navigation bar, select Configure section → User Federation.
- Using the dropdown menu labeled Add provider, select your LDAP provider to proceed to the LDAP configuration page.
The following table lists the available options for your LDAP configuration:
| Configuration Option | Description |
| Storage mode | Set to On if you want to import users into the central authentication user database. See this section for more information. |
| Edit mode | Determines the types of modifications that admins can make on user metadata. See this section for more information. |
| Console Display Name | Name used when this provider is referenced in the admin console |
| Priority | The priority of this provider when looking up users or adding a user |
| Sync Registrations | Enable if you want new users created by Ansible Automation Platform Central Authentication in the admin console or the registration page to be added to LDAP |
| Allow Kerberos authentication | Enable Kerberos/SPNEGO authentication in the realm with users data provisioned from LDAP. See this section for more information. |