Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


When you're ready to go live, check both the live and visible boxes and then save. Your new connection should be available on the authentication point in a few seconds.

How to


There will be more functions available later, but during the beta you can just set it as live and visible and start using it on the authentication point

How to use LDAP alongside MD accounts

If this is your only local connection, once you set this as both live and visible it becomes your default the expected way for users to log into OpenAthens where the system knows the user is yours - e.g. where the user has selected your organisation from a WAYF on a federated resource or remembers a users previous choice. Where the system does not know the user is yours only the OpenAthens account login will appear, but the user can find you via the search box at which point a button that takes the user to you becomes available.

Users with OpenAthens accounts can still log in by clicking the OpenAthens link on the page to switch their input. This gives you options for providing access to users who you do not have in your directory such as temporary users, walk-ins or test accounts for suppliers.

Should you need to show more than one LDAP option, the user will see a drop down list above the credentials boxes.


What the fields are for


(&(objectCategory=Person)(mail=${uid})(memberOf=cn=students,dc=domain,dc=com)) - An example ActiveDirectory filter still requiring the user to have an object category of person but this time using the primary email address as the username and additionally limited to users in the students security group.


Technical information for your IT team:

During set-up and configuration (including testing of mappings)


All connections from us will come from specified IP addresses, available from the our service desk, and any . Any changes to these would be communicated in advance.