8.1. LDAP integration using PicketLink

eXo Platform uses PicketLink IDM framework that allows a very flexible integration with an LDAP directory:

What you need to read from here?

Take an overview of this guideline:

In reality, the use cases may be very different from one to one. To make easy for readers, this tutorial is divided into four generic cases:


The term "LDAP users" represents users who are created in LDAP by LDAP utilities. The term "Platform users" represents users who are created via eXo Platform UI. The understanding is similar to "LDAP groups" and "Platform groups".

The PicketLink IDM framework does not distinguish between LDAP-to-Platform and Platform-to-LDAP mapping, so the configuration is basically the same, but the effect of some parameters can be different. For example, the createEntryAttributeValues parameter has no effect on the LDAP-to-Platform mapping, thus is explained only in the Platform-to-LDAP mapping.

It should be easy to integrate eXo Platform with an LDAP directory if the directory is well-organized and traditional. For complicated cases, you can raise your question and resolution in eXo Community Forum. Your contribution also helps enrich the FAQ section of this document.

If you want to know more about PicketLink IDM configuration, read PicketLink IDM Reference Guide.

Copyright ©. All rights reserved. eXo Platform SAS
blog comments powered byDisqus