The LDAP integration is divided in two sections, login process and retrieving users and roles from LDAP server. It's usually better starting with LDAP configuration parameters which are used by OpenKM to show users and roles into administration and once this section is configured go to Spring Security configuration ( OpenKM.xml changes ).
Usually you only want to retrieve a subset of users and roles present in your LDAP, to be shown in the user interface or be able to login into OpenKM. If this is your case, please take a look at LDAP best practices for filtering users and roles .
- Active Directory basic configuration
- Active Directory advanced configuration
- Active Directory example with referral enabled
- Active Directory example with login based on filtering users by roles ( suggested )