Address Manager LDAP Groups allow users from Lightweight Directory Access Protocol (LDAP) systems, such as Microsoft Active Directory or OpenLDAP, to log in to Address Manager. Use LDAP Groups when you already have users defined in another system and you don't want to re-create and maintain those users in Address Manager.
When users from an LDAP group log in to Address Manager, they're automatically added to the Users list, and the LDAP User column indicates that the users are LDAP users. Unlike standard Address Manager users, you don't need to create the user in Address Manager before the user can log in. Any users you add to the LDAP group on your LDAP server can log in to Address Manager.
You can assign access rights to the LDAP group, and you can assign access rights to individual LDAP users. If you have several LDAP groups with differing access rights, and a user belongs to multiple groups, or if you apply access rights to a user in addition to those that the user inherits from the LDAP group, the user receives the most permissive access rights.
To create LDAP groups, set up one or more LDAP authenticators. For information on adding authenticators, refer to Adding external authenticators.
To add an LDAP Group: