Cloudmon supports integration with LDAP and Microsoft Active Directory (AD) to enable centralized authentication, role-based access control, and improved security posture. By integrating LDAP/AD, organizations can manage user identities centrally, enforce password policies defined in AD, and reduce local user management overhead within Cloudmon.
This article provides prerequisites, configuration details, and best practices for integrating LDAP/AD with Cloudmon.
- Centralized user authentication and authorization
- Alignment with enterprise security standards
- Reduced administrative overhead for user management
- Support for role-based access using AD groups
- Improved auditability and compliance
Before configuring LDAP/AD integration, ensure the following:
- An accessible LDAP or Active Directory server
- Network connectivity between Cloudmon Controller and LDAP/AD server
- LDAP/AD service account with read permissions (recommended)
- DNS resolution for LDAP/AD hostname (preferred over IP)
- Firewall ports opened (389 for LDAP, 636 for LDAPS)
| Field | Description | Required | Example / Default |
|---|---|---|---|
| Hostname or IP | LDAP server address | Yes | ldap.example.com |
| Port | LDAP server port | Yes | 389 (LDAP) / 636 (LDAPS) |
| SSL/TLS | Enable secure connection | Optional (Recommended) | Enabled |
| Field | Description | Required | Example |
|---|---|---|---|
| AD Domain | Active Directory domain name | Yes (for AD) | example.com |
| Base DN | Root distinguished name for searches | Yes | dc=example,dc=com |
| Field | Description | Required | Example |
|---|---|---|---|
| Administrators Group | DN of AD group mapped to Cloudmon Admin role | Optional | cn=admins,ou=groups,dc=example,dc=com |
| Field | Description | Example |
|---|---|---|
| User / Group Filters | LDAP query filters to limit search scope | (objectClass=user) |
Filters help optimize LDAP queries and restrict authentication to valid user objects only.
Cloudmon requires mapping LDAP attributes to application user fields.
| Field | Description | Required | Example (AD) |
|---|---|---|---|
| Username | LDAP attribute for username | Yes | sAMAccountName |
| First Name | LDAP attribute for first name | Yes | givenName |
| Last Name | LDAP attribute for last name | Yes | sn |
| Email | LDAP attribute for email | Yes | |
1. Log in to Cloudmon as an administrator.
2. Navigate to Settings → General Settings → LDAP / AD Integration.
3. Enter LDAP server connection details (Hostname, Port, SSL/TLS).
4. Provide AD domain and Base DN information.
5. (Optional) Configure Administrator Group DN for role mapping.
6. Configure user and group filters if required.
7. Map LDAP attributes to Cloudmon user fields.
8. Test the LDAP connection using a valid AD user.
9. Save the configuration and enable LDAP authentication.
- Log in using an AD user account.
- Verify correct role assignment based on AD group membership.
- Confirm user details (name, email) are populated correctly.
- Always use LDAPS (SSL/TLS) instead of plain LDAP.
- Use a hostname instead of IP address for certificate validation.
- Create a dedicated AD service account for LDAP queries.
- Restrict LDAP access using firewall rules and Allowed IPs.
- Regularly review AD group membership for admin access.
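The connection, DN, filter and attribute settings described in this article can be checked against these practices before they are entered. The following is an added example, not Cloudmon code: the dictionary key names are hypothetical labels for the form fields, the sample settings are constructed, and `mail` is used only as a sample email attribute.

```python
import ipaddress
import re

# Key names are hypothetical labels for the fields on this page, not Cloudmon's API.
REQUIRED_ATTRS = ("username", "first_name", "last_name", "email")
# Simplified DN syntax check: comma-separated attr=value pairs (no escaped commas).
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,=]+(\s*,\s*[A-Za-z][\w-]*=[^,=]+)*$")

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def filter_is_wellformed(flt):
    """True if the filter is one parenthesised expression with balanced parentheses."""
    flt, depth = flt.strip(), 0
    for i, ch in enumerate(flt):
        depth += (ch == "(") - (ch == ")")
        if depth <= 0 and i < len(flt) - 1:
            return False  # closed too early, or text outside the outer parentheses
    return depth == 0 and flt.startswith("(")

def lint(cfg):
    """Return finding codes for settings that contradict the guidance on this page."""
    findings = []
    if not cfg.get("tls") or cfg.get("port") == 389:
        findings.append("PLAINTEXT_LDAP")   # simple-bind credentials travel unencrypted
    if is_ip_literal(cfg.get("host", "")):
        findings.append("IP_NOT_HOSTNAME")  # certificate name check needs a DNS name
    if not DN_RE.match(cfg.get("base_dn") or ""):
        findings.append("BAD_DN:base_dn")
    if cfg.get("admin_group_dn") and not DN_RE.match(cfg["admin_group_dn"]):
        findings.append("BAD_DN:admin_group_dn")  # optional field, checked only if set
    if cfg.get("user_filter") and not filter_is_wellformed(cfg["user_filter"]):
        findings.append("BAD_FILTER")
    attrs = cfg.get("attrs", {})
    return findings + ["MISSING_ATTR:" + a for a in REQUIRED_ATTRS if not attrs.get(a)]

# Constructed sample settings (not taken from any real deployment).
WEAK = {"host": "10.0.0.5", "port": 389, "tls": False, "base_dn": "example.com",
        "user_filter": "(objectClass=user", "attrs": {"username": "sAMAccountName"}}
HARDENED = {"host": "ldap.example.com", "port": 636, "tls": True,
            "base_dn": "dc=example,dc=com", "user_filter": "(objectClass=user)",
            "admin_group_dn": "cn=admins,ou=groups,dc=example,dc=com",
            "attrs": {"username": "sAMAccountName", "first_name": "givenName",
                      "last_name": "sn", "email": "mail"}}

print("weak:", lint(WEAK), "| hardened:", lint(HARDENED) or "no findings")
```

The checks are syntactic only; a clean result does not replace the connection test with a valid AD user in the configuration steps.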
| Issue | Possible Cause | Resolution |
|---|---|---|
| Authentication fails | Incorrect Base DN or credentials | Verify DN and bind account |
| User not found | Filter misconfiguration | Review LDAP filters |
| SSL errors | Certificate trust issue | Import LDAP CA certificate |
LDAP/AD integration in Cloudmon enables secure, scalable, and centralized authentication aligned with enterprise security best practices. Proper configuration and use of LDAPS significantly enhance the overall security posture of the Cloudmon deployment.