LDAP (Lightweight Directory Access Protocol) integration allows farmerswife to authenticate users against a centralized directory service and manage user access based on LDAP-defined permissions.
When LDAP integration is enabled:
User authentication is performed through the LDAP server.
User access to farmerswife is controlled through LDAP configuration.
LDAP permission assignments are mapped to farmerswife Permission Profiles.
LDAP becomes the authoritative source for user authentication.
LDAP integration is an optional add-on feature requiring a separate license. It is recommended primarily for large organizations or multi-site environments with experienced LDAP administrators.
Prerequisites
Before configuring LDAP integration, ensure:
LDAP Integration is licensed and enabled.
An LDAP server is available and accessible.
An LDAP administrator is available to configure the directory.
The
farmerswife.schemafile has been provided with the LDAP license.Required farmerswife Permission Profiles already exist in the system.
LDAP Configuration in farmerswife
Navigate to:
Server Setup → Users
The LDAP configuration panel becomes available once the LDAP module is licensed.
LDAP Settings
| Setting | Description |
|---|---|
| Use LDAP | Enables LDAP authentication. All client logins are validated against LDAP. |
| LDAP Master Address | Hostname or IP address of the primary LDAP server. |
| LDAP Master Port | LDAP communication port. Default: 389. |
| LDAP Slave 1 / Slave 2 | Optional failover LDAP servers. |
| LDAP DN | Root Distinguished Name used for LDAP queries. |
| LDAP Proxy User | Service account used by farmerswife to query LDAP. |
| LDAP Proxy Password | Password for the service account. |
| Sync Time | Daily synchronization time for LDAP users. |
| Sync Now | Performs an immediate synchronization. |
Example
LDAP Master Address: ldap.company.com LDAP Master Port: 389 LDAP DN: dc=company,dc=com
Configuring the LDAP Server
Install the farmerswife LDAP Schema
Copy the supplied schema file:
farmerswife.schema
into the LDAP schema directory.
Example:
/etc/openldap/schema/
Include it in your LDAP configuration file.
Example:
/etc/openldap/slapd.conf
LDAP Structure Requirements
Three LDAP object types must be configured:
Farmerswife Server Definition
Farmerswife Permission Levels
Farmerswife User Information
Step 1: Create a Farmerswife Server Definition
Create an Organizational Unit (OU) to contain farmerswife server definitions.
Example:
ou=FWServer
Create a FarmersWifeServer object.
Required Attributes
fwserverID
Must match:
Server Setup → General → Division ID
Example:
fwserverID=22
fwservername
Descriptive name of the farmerswife server.
Example:
fwservername=Main Production Server
Step 2: Create Permission Level Definitions
Create another OU for Permission Profiles.
Example:
ou=FWPermissions
Within this OU create one FarmersWifePermissionLevel object for each farmerswife Permission Profile.
Examples:
ou=FWPermissions/fwpermissionnr=1 ou=FWPermissions/fwpermissionnr=2
Required Attribute
fwpermissionname
Must match the corresponding Permission Profile name in farmerswife.
Example:
fwpermissionname=Super Administrator fwpermissionname=Producer fwpermissionname=Editor
Step 3: Configure LDAP Users
Every LDAP user requiring access to farmerswife must receive a child object:
FarmersWifeUserInfo
Example:
cn=Peter Moore └─ fwentrynr=1 (FarmersWifeUserInfo)
Required Attributes
fwpermissionDN
Distinguished Name pointing to the Permission Level definition.
Example:
fwpermissionnr=1,ou=FWPermissions,dc=company,dc=com
fwserverDN
Distinguished Name pointing to the farmerswife Server Definition.
Example:
fwservernr=1,ou=FWServer,dc=company,dc=com
Multiple farmerswife Servers
If multiple farmerswife servers exist within the organization:
Create multiple
FarmersWifeUserInfoobjects per LDAP user.Assign different Permission Levels per server if required.
This allows a single LDAP account to have different access levels depending on which farmerswife server is accessed.
Synchronizing LDAP Users
After completing the configuration:
Open Server Setup → Users
Click Sync Now
During synchronization:
New LDAP users are imported.
Existing matching users remain active.
Non-matching users may be deactivated.
User information is updated from LDAP.
Imported LDAP users appear in the LDAP Users category within the Users tab.
Login Process
Once LDAP is enabled:
LDAP becomes the master authentication source.
Only LDAP users with valid
FarmersWifeUserInfoentries can log in.Users must authenticate using their LDAP credentials.
Recommended Setting
Disable:
Server Setup → General → Allow Client Remember Password
Authentication Workflow
When a user logs in:
farmerswife connects to the LDAP server.
farmerswife authenticates using the LDAP Proxy account.
The system searches for the user's LDAP UID.
The Distinguished Name (DN) is retrieved.
farmerswife verifies the user's
FarmersWifeUserInfoentry.The assigned server and permission profile are validated.
LDAP validates the user's password.
User information is synchronized.
The LDAP connection is closed.
Synchronization Workflow
During synchronization:
farmerswife connects to LDAP.
Searches for all
FarmersWifeUserInfoobjects.Validates access rights.
Retrieves user information.
Creates new users when necessary.
Updates existing users.
Completes synchronization when all LDAP users have been processed.
Troubleshooting
No LDAP Users Are Imported
Symptoms
"Sync Now" imports no users.
LDAP users do not appear in farmerswife.
Possible Causes
LDAP server is unreachable.
Incorrect LDAP connection parameters.
Missing LDAP schema configuration.
Incorrect DN or Proxy credentials.
Resolution
Verify:
LDAP server address
LDAP port
LDAP DN
Proxy account credentials
LDAP schema installation
User Cannot Log In
Symptoms
Login fails despite valid LDAP credentials.
Possible Causes
Missing
FarmersWifeUserInfoobject.Incorrect permission assignment.
Incorrect server assignment.
Resolution
Review the user's LDAP configuration and confirm all required farmerswife LDAP attributes are present.
User Appears Deactivated in farmerswife
Cause
The LDAP user either:
No longer exists in LDAP, or
Is not correctly configured for farmerswife access.
Resolution
Contact the LDAP administrator and verify the user's LDAP configuration.
Does farmerswife Store LDAP Passwords?
No.
farmerswife does not store LDAP user passwords. Authentication is always validated directly against the LDAP server.
This version is organized for modern knowledge-base platforms (Zendesk, Help Scout, Document360, Confluence, Guru, etc.) and removes the legacy document flow while preserving the technical details from the original LDAP guide.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article