Support for LDAP integration

Last Updated: May 06, 2024

CMS supports LDAP Active Directory for user management. You can integrate CMS with Active Directory on Windows Server. CMS can only integrate with a single Active Directory system. Azure Active Directory is not supported.

You can administer traditional CMS Linux users and LDAP-authenticated users with CMS. When LDAP is enabled, the CMS User Data page provides an option to identify LDAP-authenticated users. When logging in to CMS, users are authenticated with the LDAP server. Linux password administration is not required for LDAP-authenticated users.

With LDAP integration, you can log in to all CMS interfaces, including:

  • CMS Supervisor Web Client

  • CMS Supervisor PC Client

  • CMS ASCII

You can encrypt the Active Directory server connection to avoid exposing personal data. Data encryption with LDAP is an optional feature you can enable when installing the LDAP authentication feature package. Certificate setup is required to encrypt the LDAP connection.

Note:

The CMS user ID maps to the Active Directory user or person objectClass: sAMAccountName field. The CMS user ID field supports 31 characters. However, for LDAP-authenticated users, you are limited to 20 characters. You cannot use special characters including hyphens, underscores, punctuation, and any diacritical, accented, special characters or blanks (for example, á, ñ, ç, |).

Verify that the username is configured in a user or person objectClass and that the username is in the sAMAccountName field. Verify that the names match exactly (spelling, capitalization, no unexpected spaces, and so on.)

Use the descriptions in this table to help you gather the information you need for LDAP integration:

| Active Directory Server information | Example | Your Value |
| --- | --- | --- |
| Enable optional encrypted LDAP connection (TLS/SSL) | yes, no | |
| Path to certificate exported from LDAP server – must be provided when LDAP encryption=yes | /tmp/my_AD_cert.cer | |
| Windows Active Directory server IP Address or Fully Qualified Domain Name. An FQDN must be provided when LDAP encryption=yes | 10.20.30.40 or ADServer.company.com | |
| Port number for the Active Directory server | 389 (default for TCP), 689 (default for TLS/SSL), or specific value from your AD server | |
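The following is an added pre-check, not part of the CMS product or this page's own tooling: it applies the rules stated above (20-character ASCII alphanumeric user IDs that match sAMAccountName exactly, and a certificate path plus an FQDN rather than an IP address whenever encryption is enabled) to values gathered in the table before the feature package is installed. Function names and the sample values are assumptions for illustration.

```python
import ipaddress
import re

# Constraints the page states for LDAP-authenticated CMS user IDs: at most 20
# characters, plain ASCII letters and digits only (no hyphens, underscores,
# punctuation, diacritics or blanks). Local CMS Linux users may use 31.
LDAP_USER_ID_MAX = 20
LDAP_USER_ID_RE = re.compile(r"[A-Za-z0-9]+")


def check_ldap_user_id(cms_user_id: str, sam_account_name: str) -> list[str]:
    """Return the problems found (an empty list means the ID is acceptable)."""
    problems = []
    if not cms_user_id:
        problems.append("user ID is empty")
    elif len(cms_user_id) > LDAP_USER_ID_MAX:
        problems.append(f"longer than {LDAP_USER_ID_MAX} characters")
    if cms_user_id and not LDAP_USER_ID_RE.fullmatch(cms_user_id):
        bad = sorted({c for c in cms_user_id if not re.fullmatch(r"[A-Za-z0-9]", c)})
        problems.append("disallowed characters: " + ", ".join(repr(c) for c in bad))
    if cms_user_id != sam_account_name:
        # Exact match is required: spelling, capitalization, no stray spaces.
        problems.append("does not match sAMAccountName exactly")
    return problems


def _is_ip_address(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_ad_connection(encrypt: bool, host: str, port: int, cert_path: str = "") -> list[str]:
    """Check the gathered AD server values against the rules given with the table."""
    problems = []
    if not 1 <= port <= 65535:
        problems.append(f"port {port} is out of range")
    if encrypt:
        if not cert_path:
            problems.append("encryption=yes requires the certificate exported from the AD server")
        if _is_ip_address(host):
            problems.append("encryption=yes requires an FQDN, not an IP address")
        if port == 389:
            problems.append("port 389 is the plaintext LDAP default; confirm the TLS/SSL port")
    return problems
```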

The installation log file for LDAP is in the CMS security log located at /cms/install/logdir/security/cms_sec.log.