Is it possible to have our Directory Type OpenLDAP and have authentication via SAML (Okta)? Within the Authentication Profile section, I see a section for Directory Type and a section for Authentication Type, but I am not sure if they are dependent or independent of each other. While reviewing the documentation on OpenLDAP, this is how authentication occurs, but I only want my directory (users) populated via OpenLDAP, not authenticated.
Yes you can, SAML and LDAP are not mutually exclusive. Separating provisioning (LDAP) and authentication (SAML) exactly as you describe is a relatively common mode of deployment.
Hi Scott, thanks for the quick reply. Looking at my options now, what would be the recommendation for directory type, Active Directory versus OpenLDAP? I believe I could use either, but I'm not sure which to choose. Is one option preferred over the other?
If you’re running AD (most common) then Active Directory would be the go. There’s some difference in the way LDAP queries need to be executed, so the mode selected should match what your LDAP server is capable of.
Attempting to get this set up, but of course we want to lock it down. What Zscaler IP (or range) will the request come from? I need to know this for the firewall rule.