You can configure Stash to use an LDAP directory for delegated authentication, while still using the internal directory for user and group management. There is an option to create users in the internal directory automatically when they attempt to log in, as described in the settings section below.

To connect Stash to an LDAP directory for delegated authentication:

  1. Log in as a user with 'Admin' permission.
  2. Click Administration in the top menu.
  3. Choose Accounts > User Directories.
  4. Click Add Directory and select Internal with LDAP Authentication as the directory type.
  5. Configure the directory settings, as described in the tables below.
  6. Save the directory settings.
  7. Define the directory order by clicking the blue up- and down-arrows next to each directory on the 'User Directories' screen. The directory order has the following effects:
    • The order of the directories is the order in which they will be searched for users and groups.
    • Changes to users and groups will be made only in the first directory where the application has permission to make changes.

On this page:

Server settings

Copying users on login

LDAP schema

Advanced settings

User schema settings

Note: this section is only visible when Copy User on Login is enabled.

Group schema settings

Note: this section is only visible when both Copy User on Login and Synchronise Group Memberships are enabled.

Membership schema settings

Note: this section is only visible when both Copy User on Login and Synchronise Group Memberships are enabled.