LDAP Integration (Active Directory)

Hello to you!

Request

I have, for my company (large company) started to deploy XIBO servers to display, in my factories, information and prevention campaigns. As there are many users who can modify XIBO information, I would like to do an LDAP integration to allow access to the CMS to members of a specific “Active Directory” group.

An LDAP module

Do you know if in the future (preferably close) an LDAP integration module will be available in the XIBO cms, or if you know how to add this functionality myself (I would like to point out that I am a poor developer, my capacity in this area being very limited)

Existing modules

Many LDAP integration systems for php authentication already exist, so it is possible to adapt an open source system easily, right?

Thank you in advance for your answer(s).
Quentin M.

That’s great to hear!

We already have support for SAML Single Sign on with Active Directory via ADFS.

If it’s another LDAP flavour and there is a SAML integration that will authorise against it, we can use that instead.

Natasha

Hello Natasha.

I have studied the ADFS issue well but I find, and my superiors as well, that installing ADFS and creating everything that is required is too cumbersome, when LDAP integration is possible. Unfortunately, my company refused the ADFS solution but still hopes that a simpler and less cumbersome LDAP integration than ADFS is possible.

Sincerely,
Quentin M.

You can also run something like Keycloak, federated with your LDAP server, and it works great. Configuration is also minimal.

IMHO using LDAP for authentication, and not just for provisioning is years behind its time. Offering SSO via SAML is definitely the way forward. In fact, we use SAML to authenticate directly to GSuite.

3 Likes

Hi broadkin,
can you indicate a guide on how to configure the keycloak with xibo? I have already installed keycloak and set up with my Active Directory but now I don’t know how configure it to communicate with xibo. Thanks