AD integration solution using LDAP

Hi everyone, I have a requirement to implement AD integration. Initially we have to implement it in one app and then use this solution across multiple apps, so I started to gather some initial requirements before getting to a solution. I have not used LDAP and I would really appreciate your help to find the best solution. I have three questions:

1. I found two LDAP solutions on the app store, 'LDAP Provisioning Agent' and 'LDAP Synchronization module'. What is the difference between the two? From what I can see, I think the LDAP Synchronization module is good for my solution, but please correct me if I'm wrong.

2. As mentioned above, I want to first implement the AD integration in one app and then, as phase two, implement it in several other Mendix applications (internal and customer facing). So what will be the best approach: just copy the AD solution into the different apps, or create a common centralized AD solution using LDAP, if that is possible? Or is there any other, better solution for this?

3. Once I implement the AD solution, how easy will it be to implement single sign-on? Or is this a completely different topic?

Thanks in advance!

1 answer


Question 1: LDAP provisioning seems to be for onboarding users to the Mendix platform. LDAP sync will synchronize users on your app.

Question 2: This depends on your setup. Both options are possible. When creating a centralized app, you'll need to take care of creating users on the apps that need the users.

Question 3: Single Sign On is different from LDAP sync. This will allow users to be signed into your Mendix app once signed in to the network. LDAP could help when using something like Kerberos, but as you're talking about internal and external users, the SAML module would be the appropriate route. Then synchronization is not needed, as users can be provisioned by the SAML module.