Generic LDAP directories for IAM

LDAP directories with custom IAM schema extensions

Airlock IAM can be connected to LDAP directories to access/persist the following information:

  • User Information (user profile, login statistics, password information, etc.)
  • Credential data, matrix card data
  • Password reset data

Not all IAM features can be used with LDAP directories: only the types of information listed above can be stored in LDAP directories. Other information (e.g. information for risk-based authentication, consent management, etc.) cannot be stored in LDAP directories.

This section is not about MSAD (Active Directory) but about generic LDAP directories. Please refer to the "Active Directory Connector" for MSAD.

Known Issues with Load Balancers

There have been issues with password modifications when a load balancer is used between Airlock IAM and the LDAP server. These issues were caused by the load balancer.

In some cases, the password change succeeded from Airlock IAM's point of view (no exceptions or abnormal behavior) but the modification was not persisted in the LDAP server.

If this happens, try connecting without a load balancer in order to isolate the cause of the issue.