eXo Platform organizational objects - user, group and membership - can be stored in database or LDAP. This chapter introduces the integration between eXo Platform and LDAP in which LDAP takes the role of organizational data storage.
Please notice that this integration is not SSO (Single Sign On). The fact that an identity which is created via eXo Platform UI can be saved into the LDAP directory differentiates this integration with SSO use cases.
If SSO is what you need, read the SSO chapter, eXo Add-ons guide that explains how eXo Platform works with LDAP through an SSO service like CAS or OpenAM.
This chapter covers the following topics:
How to configure eXo Platform to work with LDAP. The integration currently uses the PicketLink IDM framework.
A step by step tutorial for eXo Platform configuration with a directory server: LDAP/AD.
If you have integrated eXo Platform with a populated LDAP directory, or when you manage users and groups via LDAP utilities, a service to synchronize between them is necessary.
Before PicketLink, eXo Platform used some other organization service implementations. These are currently not used by default but are still supported.
How to resolve some possible issues of LDAP integration.