Akamai EAA – Setup LDAP Directory

Jonas Schultz Solutions Engineer @ GlobalDots

If you use Okta without an additional Active Directory or LDAP directory and want to use the existing users and groups from Okta in Akamai’s EAA, this article will come in handy, especially if you use Okta as the Identity Provider (IDP) for your EAA applications.

Instructions

There are two parts here:

Part One: Okta Configuration

  1. You need admin access inside the Okta portal.
  2. Log in and create a new LDAP interface directory in the admin portal. To do that, open the ‘Directory’ menu and click ‘Directory Integrations’.
  3. Click on ‘Add Directory’ and choose ‘Add LDAP Interface’. If this option is not available, the LDAP interface already exists.
  4. As a result, you will see a settings page with all the information necessary to set it up in Akamai EAA. Please see the example below. We are not done yet.
  5. We still have to create a user inside Okta with Admin Read-Only rights that can access the directory from outside, and disable the MFA requirement for this user. The steps to do this are out of scope here.

Part Two: Akamai EAA – Setup LDAP Directory

Prerequisite: A working connector with a public IP that can access the Okta LDAP interface. Please remember Okta is a cloud service.

  1. Log in to Akamai and open EAA. From the ‘Identity’ menu choose ‘Directories’.
  2. Click on the ‘Add Directory’ button at the top right.
  3. Name your new directory and choose ‘LDAP’ as type.
  4. On the next page, fill in your credentials and server information from the Okta settings. Please use your own uid and dc attributes here.
  5. Associate the correct connector with the setup.
  6. Fill in the ‘Attribute mapping’ and additional attributes exactly as stated in the attached PDF document. Please also pay attention to upper and lower case letters! This is truly important, as it won’t work otherwise! Remember to use your own uid and dc attributes.
  7. Save and close the directory integration.
  8. Check if the directory is up. If not, open the directory diagnostics, test the connectivity and search for users and groups.
  9. If everything works here, you can start adding some groups from your Okta directory. Unfortunately, you have to add them manually one by one, or using wildcards if possible. According to Akamai this is a feature, not a bug 😉. Once a group has been added, the users inside this group are synced automatically afterward. At least one group from Okta is always there – ‘Everyone’.
Only groups that were added manually in EAA are synced with all the users inside. Please remember Okta’s LDAP interface is read-only!
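
Before typing the values into EAA, it helps to confirm that the uid and dc attributes belong to the same Okta org and that the read-only account can bind over LDAPS. The script below is an added example, not part of the original article or of Akamai's or Okta's tooling. It assumes a production okta.com org with the host form `<org>.ldap.okta.com`, the base DN `dc=<org>,dc=okta,dc=com` and an `ou=groups` container; the function names and the password file argument are hypothetical.

```shell
#!/usr/bin/env bash
# Added example. Assumed Okta LDAP interface layout (not stated on this page):
#   host <org>.ldap.okta.com, LDAPS on 636, base DN dc=<org>,dc=okta,dc=com

# Normalise a DN for comparison: drop spaces after commas, lower-case it.
norm_dn() { printf '%s' "$1" | sed 's/, */,/g' | tr '[:upper:]' '[:lower:]'; }

# Derive the base DN from the LDAP host name; reject hosts of another shape.
okta_base_dn() {
  local host
  host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  case $host in
    ?*.ldap.okta.com) printf 'dc=%s,dc=okta,dc=com\n' "${host%.ldap.okta.com}" ;;
    *) echo "unexpected LDAP host: $1" >&2; return 1 ;;
  esac
}

# Succeed only if the bind DN starts with uid= and ends with the host's base DN,
# i.e. the uid and dc values typed into EAA belong to the same Okta org.
check_bind_dn() {
  local base bind_dn
  base=$(okta_base_dn "$1") || return 1
  bind_dn=$(norm_dn "$2")
  case $bind_dn in
    uid=?*,"$base") return 0 ;;
    *) echo "bind DN does not end with $base" >&2; return 1 ;;
  esac
}

# Bind over LDAPS as the read-only account and list group DNs (OpenLDAP ldapsearch).
# The password comes from a file (no trailing newline) so it stays out of the
# process list. ou=groups is the assumed Okta group container.
probe_groups() {
  local host=$1 bind_dn=$2 pwfile=$3 base
  check_bind_dn "$host" "$bind_dn" || return 1
  base=$(okta_base_dn "$host")
  ldapsearch -H "ldaps://$host:636" -D "$bind_dn" -y "$pwfile" \
    -b "ou=groups,$base" -s one '(objectClass=*)' 1.1
}

# Usage: ./preflight.sh <host> <bind DN> <password file>
if [ "$#" -eq 3 ]; then probe_groups "$@"; fi
```

Run it from a host that has the same outbound access as the connector; a successful bind that returns the ‘Everyone’ group confirms the credentials and DNs before they go into the directory form.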

That’s it. The next step, if not already done:

Add Okta as your identity provider (IDP).

This step is documented by Akamai, and a template for Okta exists.

Good luck!
