Skip to main content

Creating LDAP Users in CxSAST

Notice

For SAST Versions 9.0 and above, refer to Settings Tab - LDAP Server Settings (v2.0 and up).

If the LDAP Role Authorization method is used, LDAP users are defined according to their predefined attributes in the LDAP and this step is not required.

If the Manual Role Authorization method is used (default), LDAP users are defined upon logging in according to the default settings in CxSAST, either a scanner or reviewer. If required, you can create LDAP users using User Management.

To create an LDAP user:

  1. Go to Users & Teams > Organization > User Management.

  2. Once the User Management window is displayed, click <Create New User>.

  3. Once the Create User window is displayed, select Directory User. The Directory User dialog window is displayed.

    LDAP_12.png
  4. Select a Directory from the drop-down list, for example ActiveDirectoryLdap and click <Find>. All the available Directory Users associated with the selected directory are displayed.

    Warning

    If there are no LDAP Directory Users displayed in the Directory User dialog window, check your LDAP authentication settings. Refer to Configuring LDAP Authentication for further information.

  5. Select a Directory User from the list and click <OK>. Directory User information is automatically added by the User Directory.

    LDAP_13.png
  6. If required, add missing user details in the respective fields as outlined in the table below. Fields marked with * are mandatory.

  7. Once completed, click <Create 2899936590.png > to save your settings

Field

Description

First Name/

Last Name

User's full name (automatically filled by the User Directory)

Directory User

Used to select a Directory, e.g., ActiveDirectoryLdap (automatically filled by the User Directory)

E-mail

User's email address, which is used as the name for logging in (automatically filled by the User Directory)

Job Title

User's job title or position

Phone

User's landline phone number

Cell Phone

User's cellular phone number

Team

Click and then drill down the displayed organizational navigation tree to select one or more teams to which this user should belong too

Role

Role is either Scanner or Reviewer, at this point. User may be turned into a Manager at a later stage (by managing the Organizational Hierarchy; or, by using Organizational Tree mode).

  • A Scanner can delete projects\scans if the checkbox is selected. Select the Not Exploitable state checkbox to provide authorization to apply not exploitable state to instances.

  • A Reviewer can make changes to the status or severity of found instances if the checkbox is selected.

Auditor

Reviewers can be turned into Auditors, i.e., permissions to use CxAudit

Skype

User's skype name

Country

User's country location

Expires

Define an expiry date for this user

Language

This defines the user interface language for each user according to the list of supported languages.