LDAP, Single Sign-On (SSO), and Two-Factor Authentication (2FA) support within the Security Services Platform (SSP)
Article ID: 405360

Products

  • VMware vDefend Firewall with Advanced Threat Prevention

  • VMware vDefend Firewall

Issue/Introduction

This article outlines the integration capabilities of the Security Services Platform (SSP) with LDAP directory services and how Single Sign-On (SSO) and Two-Factor Authentication (2FA) can be enabled through external authentication servers. It also addresses known LDAP-related issues and provides relevant resources for troubleshooting.

Environment

Security Services Platform 5.0

Cause

SSP’s native user authentication does not support SSO or 2FA. These features become available when SSP is integrated with an external LDAP directory service, such as Active Directory or OpenLDAP, through a third-party authentication server. The known performance and login issues stem from how LDAP data is validated and referenced internally.

Resolution

LDAP Integration Support:

SSP supports LDAP for user authentication using:

  • Microsoft Active Directory

  • OpenLDAP

This enables organizations to authenticate SSP users via their existing directory service infrastructure.

 

Enabling SSO & 2FA via External LDAP:

While SSP local accounts don’t support SSO or 2FA directly, these features can be implemented by integrating SSP with an external authentication server, such as Authelia. The external server performs the LDAP authentication and provides the SSO and 2FA functionality.

 

Known Issues in LDAP Integration:

  • LDAP Server Configuration Slowness
    Description: Occurs due to deep traversal during directory validation in large environments.
    Resolution: See KB Article 394506 (https://knowledge.broadcom.com/external/article?articleNumber=394506) for optimization strategies.

  • Login Failures Due to Non-Unique Mail Attributes
    Description: Authentication conflicts when multiple LDAP users share the same email attribute.
    Resolution: See KB Article 398118 (https://knowledge.broadcom.com/external/article?articleNumber=398118) for handling attribute uniqueness.

Note: These issues are generic to LDAP setups and not specific to Active Directory. SSP engineering is actively addressing them, with improvements planned in upcoming releases.
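The second known issue above (login failures when several LDAP users carry the same mail attribute) can be caught before it reaches SSP by checking the directory export for duplicate mail values. The script below is an added example, not part of this article or of the SSP product: it parses a small LDIF export (the SAMPLE_LDIF data is constructed for the example) and reports every mail value that appears on more than one entry, comparing addresses case-insensitively as LDAP's caseIgnoreMatch rule does. On a real directory you would feed it an ldapsearch export of the user subtree instead of the sample text.

```python
"""Pre-check for non-unique mail attributes in an LDAP export (added example)."""
from collections import defaultdict

# Constructed sample export: three users, two of them sharing one mail value
# (differing only in letter case, which LDAP treats as the same address).
SAMPLE_LDIF = """\
dn: cn=alice,ou=users,dc=example,dc=com
objectClass: inetOrgPerson
cn: alice
mail: alice@example.com

dn: cn=bob,ou=users,dc=example,dc=com
objectClass: inetOrgPerson
cn: bob
mail: shared@example.com

dn: cn=bob.contractor,ou=contractors,dc=example,dc=com
objectClass: inetOrgPerson
cn: bob.contractor
mail: Shared@Example.com
"""


def parse_ldif(text):
    """Parse minimal LDIF text into a list of (dn, {attribute: [values]}).

    Handles blank-line separated entries, folded continuation lines (leading
    space) and '#' comments. Base64 ('::') values and change records are out
    of scope for this check.
    """
    entries = []
    current = []
    for raw in text.splitlines() + [""]:   # trailing "" flushes the last entry
        if raw.startswith("#"):
            continue
        if raw.startswith(" ") and current:
            current[-1] += raw[1:]          # unfold continuation line
            continue
        if raw.strip() == "":
            if current:
                entries.append(_build_entry(current))
                current = []
            continue
        current.append(raw)
    return entries


def _build_entry(lines):
    """Turn one entry's raw lines into (dn, attrs); attribute names are lowercased."""
    dn = None
    attrs = defaultdict(list)
    for line in lines:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            dn = value
        else:
            attrs[name].append(value)
    return dn, dict(attrs)


def find_duplicate_mails(entries, attr="mail"):
    """Return {normalised_value: [dn, ...]} for values seen on more than one entry."""
    seen = defaultdict(list)
    for dn, attrs in entries:
        for value in attrs.get(attr, []):
            seen[value.lower()].append(dn)
    return {value: dns for value, dns in seen.items() if len(dns) > 1}


if __name__ == "__main__":
    duplicates = find_duplicate_mails(parse_ldif(SAMPLE_LDIF))
    for mail, dns in duplicates.items():
        print(f"{mail} is shared by {len(dns)} entries:")
        for dn in dns:
            print(f"  {dn}")
```

Any address the script reports must be made unique (or the conflicting account removed from the SSP user scope) before those users are expected to log in; the check can be run against an export of the same base DN and filter that SSP is configured to use.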

Reference Articles:

- Unable to configure LDAP server or slowness in adding LDAP server on SSP - https://knowledge.broadcom.com/external/article?articleNumber=394506
- LDAP user login fails with error when accessing SSP UI - https://knowledge.broadcom.com/external/article?articleNumber=398118