SameGoal may be configured so that users authenticate against a central district server via Lightweight Directory Access Protocol (LDAP). Many districts use LDAP to manage users and authentication across a variety of district applications.
SameGoal supports standard configurations of Active Directory and eDirectory. Additional LDAP implementations may work but are not officially supported. To perform authentication against a locally hosted LDAP server, SameGoal servers located in the SameGoal IP range must be able to open TCP connections to your LDAP server from outside your local network.
- Create and install an SSL certificate (self-signed is acceptable) on your LDAP server. LDAPS (port 636) is required. LDAP is not allowed.
- Setup a publicly routeable IP address which port forwards to the private IP address of your LDAP server.
- Limit traffic to connections from the SameGoal IP range.
- Email your LDAP URL and LDAP Domain to email@example.com. The SameGoal technical team will confirm our servers can perform authentication, and enable the LDAP configuration. Tips:
- Your LDAP URL must be well-formed (eg. ldaps://w.x.y.z/ or ldaps://ad.district.k12.oh.us/) and publicly routeable.
- Your LDAP Domain should be the domain you wish users to authenticate within for SameGoal.