Kendis supports integration with the Active Directory (LDAP) for 

  • Authentication
  • Authorization

Active Directory is only supported for the Kendis "Self-Hosted" version for Docker or VM. For Kendis cloud customers, please check SAML Integration.

Important Note:

Once you configure the LDAP, you will start authentication against the LDAP. However, the user accounts that you have configured before enabling LDAP will still work with the older Kendis only passwords.

You must have at least one Kendis local user account available with super admin rights. This is needed in case, you need to make changes in your LDAP settings later and your LDAP authentication for some reason is not working. If you don't have the local Kendis user account saved, your Kendis system could be locked out and at the moment, there is no way to unlock it.


Follow these 5 steps to configuring Active Directory Integration

Step 1: Navigate to LDAP Setup

On the left navigation, click on the settings and select  "LDAP Setup" as highlighted on the screenshot.

Step 2: Enable LDAP Options

You can choose to enable both authentication and authorization of the users with your Active Directory Users and Groups.

  • Authentication : Users will be authenticated from the LDAP
  • Authorization: You will be able to assign the LDAP users and groups  to the boards collection. In simple terms, access to your boards will be managed. It is an optional settings, however, it's highly recommended to enable it.

Step 3: Provide LDAP Server Settings

Provide the values for your LDAP (Active Directory) settings

  • Host Name: Host name of the LDAP server.
  • SSL: Click the SSL check box if you want to use the ssl 
  • Port: Port you are using for LDAP server. (default ports, without SSL: 389, SSL: 636)
  • Username: User to login in LDAP server.
  • Password: Password of the LDAP user you are using to login in LDAP Server.
  • Base DN: Root node in LDAP from which to search for users and groups. 
  • Additional User DN: Prepended to the base DN to limit the scope when searching for users.
  • LDAP Type: Select your option (Keep "Active Directory" as your selected option)

Note: If not clear what could be the values for Base DN or Additional User DN, please check this article about Distinguished Names and how you can get the Base DN and Additional User DN from LDAP browser. 

Step 4: Test LDAP Connection

After you have provided the values for your LDAP,  click on the "Test" button. If all is working fine you will see the confirmation message.
Remember to press the Save button.

Step 5: Grant board rights to the LDAP User

After successful LDAP configuration, anyone in your organization who have valid account will be able to authenticate and access Kendis. However, they will not have access to any boards and will see the empty message after login.

You can choose the users and groups from LDAP and assign them to different board collections in your account.

  • Go to Board Collections under Settings
  • Click on an existing board collection or create a new board collection
  • On the left hand side, you will see the search box
  • Type the user or group name in the search box
  • Select the user or group and add it to the board collection
  • While adding the user, you need to select the "Role" of the user or the group.

Once users are added to the board collection, after login, they will be able to access these boards.

Related Articles

Did this answer your question?