The details of this article may also be covered in Configuring Liferay's LDAP Settings to Import Users.
This article provides a comprehensive walkthrough for integrating an Active Directory Server with Liferay Portal. By integrating Active Directory with Liferay Portal, you will be able to import the users from your LDAP server into Liferay Portal, along with their group associations. If you have not yet set up your Active Directory Server, the information on acquiring and setting up the software can be found on the Microsoft Azure site.
In this article, you'll be shown...
- How to create an organizational unit in Active Directory
- How to add the LDAP server within Liferay Portal
- How to map the settings for import, and
- How to import users from Active Directory
Resolution
Create an Organizational Unit
- In Active Directory, create an Organizational Unit (OU) and name it LDAPtest.
- Within LDAPtest, create a new user. Name that user LDAPtest1. Make sure to enter the user's first and last name, email and password. Likewise, under Account > Account Options check the box for User cannot change password. If this is not selected, when you attempt to sign in to the Liferay Portal with LDAP users, you will receive authentication errors.
- Within LDAPtest, create a new group and name the group LDAPgroup.
- In LDAPtest, create a new user named LDAPtest2, and add that user as a member of LDAPgroup. Again, under Account > Account Options check the box for User cannot change password.
Once the above steps are completed, we are ready to configure Liferay Portal to accept an import of these users and the group.
LDAP Mapping
- Start the Portal and log in as the Administrator
- Navigate to Control Panel > Portal Settings > Authentication > LDAP > LDAP Servers and select Add
- Select the Microsoft Active Directory Server radio button and click Reset Values
- Enter the below credentials for the Connection Values:
Under Base Provider URL, place the IP address of the machine with Active Directory on it instead of the IP address noted above. Thus, the Base Provider URL takes the following form:
ldap://$IP_ADDRESS:389
After filling in the above fields, verify that you are able to establish a connection via the Test LDAP connection button. This connection needs to occur before entering the other LDAP mappings.
- Enter the below User Values
Under Authentication Search Filter you can establish whether users are authenticated via screen name, email address, or another filter. In the above example, we are authenticating users via screen name.
Verify that the LDAP users can be imported with the above mappings by selecting Test LDAP Users. If we have followed this process correctly, we should see two users, with only one user having a group association.
Also, do not worry about the warning given in the above screenshot. As long as everything is filled out, except the password, the mappings should be sufficient to import the users.
- Enter the below Group Value
Verify that the LDAP group can be imported with the above mappings by selecting Test LDAP Groups.
- Once all the connections and mappings have been tested, select Save at the bottom of the page.
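The Authentication Search Filter and user mapping steps above, as an added Python example that is not Liferay's code or part of the original article: it expands a filter template with the login value escaped per RFC 4515 and applies a user mapping to constructed entries for LDAPtest1 and LDAPtest2. The filter templates, the `@screen_name@` and `@email_address@` placeholders, the attribute names and the `DC=example,DC=com` base DN are assumptions, since the article's field values are not reproduced on this page.

```python
# Added illustration; all data below is constructed, not from the article's screenshots.
# Assumed filter templates using @token@ placeholders for the login value.
FILTER_BY_SCREEN_NAME = "(&(objectCategory=person)(sAMAccountName=@screen_name@))"
FILTER_BY_EMAIL = "(&(objectCategory=person)(mail=@email_address@))"

# Assumed user mapping: portal field -> Active Directory attribute.
USER_MAPPING = {"screenName": "sAMAccountName", "emailAddress": "mail",
                "firstName": "givenName", "lastName": "sn", "group": "memberOf"}

BASE_DN = "OU=LDAPtest,DC=example,DC=com"  # constructed base DN
GROUP_DN = "CN=LDAPgroup," + BASE_DN
# Constructed entries mirroring the two users created in the LDAPtest OU.
ENTRIES = [
    {"sAMAccountName": "LDAPtest1", "mail": "ldaptest1@example.com",
     "givenName": "LDAP", "sn": "Test1", "memberOf": []},
    {"sAMAccountName": "LDAPtest2", "mail": "ldaptest2@example.com",
     "givenName": "LDAP", "sn": "Test2", "memberOf": [GROUP_DN]},
]


def escape_filter_value(value):
    """Escape RFC 4515 special characters so a login value stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def build_filter(template, **tokens):
    """Replace each @token@ placeholder with its escaped value."""
    for name, value in tokens.items():
        template = template.replace("@%s@" % name, escape_filter_value(value))
    return template


def map_user(entry, mapping=USER_MAPPING):
    """Apply the mapping to one entry; show group DNs by their CN."""
    user = {field: entry.get(attr) for field, attr in mapping.items()}
    user["group"] = [dn.split(",")[0].split("=", 1)[1] for dn in user["group"] or []]
    return user


def preview_import(entries=ENTRIES):
    """Return the users, with group associations, that a user test should list."""
    return [map_user(e) for e in entries]


if __name__ == "__main__":
    print(build_filter(FILTER_BY_SCREEN_NAME, screen_name="LDAPtest2"))
    for user in preview_import():
        print(user["screenName"], user["emailAddress"], user["group"])
```

With these constructed entries the preview lists two users and only LDAPtest2 carries a group, which is the result the Test LDAP Users check is expected to show.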
Import Users into the Liferay Platform
- Under Control Panel > Portal Settings > Authentication > LDAP select Enabled. Save the updated settings. Also, verify that the server we added in steps 2-6 displays under LDAP Servers.
- Navigate to Control Panel > Portal Settings > Authentication and verify that authentication is by Screen name.
- Sign out of the portal, and log in as the two users we created with LDAP.
- After importing the users, sign in again as the Administrator, navigate to Control Panel > User Groups and note that the Group we created in LDAP has been imported. Also, note that the user LDAPtest2 is assigned as a member of the User Group.