Creating LDAP Users in CxSAST
Notice
For SAST Versions 9.0 and above, refer to Settings Tab - LDAP Server Settings (v2.0 and up).
If the LDAP Role Authorization method is used, LDAP users are defined according to their predefined attributes in the LDAP and this step is not required.
If the Manual Role Authorization method is used (default), LDAP users are defined upon logging in according to the default settings in CxSAST, either a scanner or reviewer. If required, you can create LDAP users using User Management.
To create an LDAP user:
Go to Users & Teams > Organization > User Management.
Once the User Management window is displayed, click <Create New User>.
Once the Create User window is displayed, select Directory User. The Directory User dialog window is displayed.
Select a Directory from the drop-down list, for example ActiveDirectoryLdap and click <Find>. All the available Directory Users associated with the selected directory are displayed.
Warning
If there are no LDAP Directory Users displayed in the Directory User dialog window, check your LDAP authentication settings. Refer to Configuring LDAP Authentication for further information.
Select a Directory User from the list and click <OK>. Directory User information is automatically added by the User Directory.
If required, add missing user details in the respective fields as outlined in the table below. Fields marked with * are mandatory.
Once completed, click <Create > to save your settings
Field | Description |
---|---|
First Name/ Last Name | User's full name (automatically filled by the User Directory) |
Directory User | Used to select a Directory, e.g., ActiveDirectoryLdap (automatically filled by the User Directory) |
User's email address, which is used as the name for logging in (automatically filled by the User Directory) | |
Job Title | User's job title or position |
Phone | User's landline phone number |
Cell Phone | User's cellular phone number |
Team | Click and then drill down the displayed organizational navigation tree to select one or more teams to which this user should belong too |
Role | Role is either Scanner or Reviewer, at this point. User may be turned into a Manager at a later stage (by managing the Organizational Hierarchy; or, by using Organizational Tree mode).
|
Auditor | Reviewers can be turned into Auditors, i.e., permissions to use CxAudit |
Skype | User's skype name |
Country | User's country location |
Expires | Define an expiry date for this user |
Language | This defines the user interface language for each user according to the list of supported languages. |