Skip to main content
All CollectionsSelf-Hosted SetupActive Directory Integration (LDAP)
Configure LDAP (Active Directory) Integration with Kendis
Configure LDAP (Active Directory) Integration with Kendis
Kendis Team avatar
Written by Kendis Team
Updated over a week ago

Kendis supports integration with the Active Directory (LDAP) for 

  • Authentication

  • Authorization

Active Directory is only supported for the Kendis "Self-Hosted" version for Docker or VM. For Kendis cloud customers, please check SAML Integration.

Important Note:

Once you configure the LDAP, you will start authentication against the LDAP. However, the user accounts that you have configured before enabling LDAP will still work with the older Kendis only passwords.

You must have at least one Kendis local user account available with super admin rights. This is needed in case, you need to make changes in your LDAP settings later and your LDAP authentication for some reason is not working. If you don't have the local Kendis user account saved, your Kendis system could be locked out and at the moment, there is no way to unlock it.

Follow these five steps to configuring Active Directory Integration.

Step 1: Navigate to LDAP Setup

On the left navigation, click on the settings and select  "LDAP Setup" as highlighted on the screenshot.

Step 2: Enable LDAP Options

You can choose to enable both authentication and authorization of the users with your Active Directory Users and Groups.

  • Authentication: Users will be authenticated from the LDAP

  • Authorization: You will be able to assign the LDAP users and groups to the boards collection. It's highly recommended to enable it.

Step 3: Provide LDAP Server Settings

Provide the values for your LDAP (Active Directory) settings

  • Host Name: Host name of the LDAP server.

  • SSL: Click the SSL check box if you want to use the SSL 

  • Port: Port you are using for LDAP server. (default ports, without SSL: 389, SSL: 636)

  • Username: User to login to LDAP server.
    Your username must be like an email address. If you are currently using the user like "service123" then change it to "serviceuser123@<domain>"

    If you are unsure about <domain> then you can easily calculate from your LDAP distinguished name


    distinguishedName: CN=serviceuser123,OU=Users,DC=example1,DC=com

    then the username would be

  • Password: Password of the LDAP user you are using to login in LDAP Server.

  • Base DN: Root node in LDAP from which to search for users and groups. 

  • Additional User DN: Prepended to the base DN to limit the scope when searching for users.

  • LDAP Type: Select your option (Keep "Active Directory" as your selected option)

Note: If not clear what could be the values for Base DN or Additional User DN, please check this article about Distinguished Names and how you can get the Base DN and Additional User DN from LDAP browser. 

Step 4: Test LDAP Connection

After you have provided the values for your LDAP,  click on the "Test" button. If all is working fine, you will see the confirmation message.
Remember to press the Save button.

Step 5: Login with LDAP Authentication

At the login screen, you MUST only use the username, e.g., "serviceuser123" without the domain.

Note: If you use a complete email address, you will get an authentication failure message.

Step 6: Grant board rights to the LDAP User

After successful LDAP configuration, anyone in your organization who have a valid account will be able to authenticate and access Kendis. However, they will not access any boards and will see the empty message after login.

You can choose the users and groups from LDAP and assign them to different board collections in your account.

  • Go to Board Collections under Settings

  • Click on an existing board collection or create a new board collection

  • On the left-hand side, you will see the search box

  • Type the user or group name in the search box

  • Select the user or group and add it to the board collection

  • While adding the user, you need to select the "Role" of the user or the group.

Once users are added to the board collection, they can access these boards after login.

Related Articles

Did this answer your question?