LDAP Authentication

Authentication in Pro Tier can use the Local Strategy where username and passwords are stored in the PenTest.WS database, or authentication can check an LDAP server for password authentication.

Users who are authenticating against LDAP need to have an entry in both the PenTest.WS Pro Tier server's User Maintenance system and the LDAP server. You'll also need to add the user's LDAP distinguished name (DN) to their user profile.

Admin Panel LDAP URL

Example URL: http://localhost:7897/admin

The first step to setup LDAP integration is to enter the LDAP URL in the Intranet Mode Config section of the Admin Panel.

LDAP User Setup

Example URL: http://localhost:7897/admin/user/{user.id}/edit

  1. Edit the user profile of the user you want to enable LDAP authentication

  2. Change the Login Strategy to LDAP

  3. Enter the user's distinguished name (DN)

When the user attempts to login the Pro Tier server application will check their username in the local database to lookup their LDAP DN and then check the password against the LDAP server.

If the user has Two-Factor Authentication enabled they will then be prompted for their one-time password as well.

2FA is always handled locally through PenTest.WS

Tier Availability

LDAP Authentication is available on Pro Tier.

Last updated