Setting up LDAP-based single sign on
RSpace supports direct authentication to an LDAP server containing user identities.
RSpace usernames will match the usernames associated with an LDAP account.
Step 1 - configuring RSpace
RSpace will require connection details to access the LDAP server and additional configuration to know which properties to use for authentication. RSpace staff will assist your RSpace IT admin to configure and test the system
Step 2- creating user accounts
Once connection settings are confirmed, user accounts will be created as follows:
- Creating admin users. There is an account 'sysadmin1' that can authenticate to RSpace without LDAP. This account can be manually used to create other users or admin users. The password for 'sysadmin1' account will be made available to your RSpace IT admin in a secure manner. These new admin users will also not use LDAP authentication, but instead use RSpace's internal authentication system.
- Any user logging into RSpace with LDAP credentials for the first time will get an account created for them automatically with 'USER' role.
- To create PI users, once a user has signed up, an admin user can promote the User account to PI so that LabGroups can be created. The PI can then invite users to join their group.