For a configuration by environment variables, go to that page.
The procedure describes below is only with an Administrator account.
Go in the Administration > Ways of authentication part.
In that page, select Active Directory as way of authentication.
Then fill the fields of the form:
Host: address of the serveur on which is the LDAP service.
Port: port on which is the LDAP service.
DN basis: the root nod in LDAP from which the users and groups will be searched, for example "cn=users,dc=example,dc=com".
Name of the group: (optional) the name of the group that is allowed to sign in to Themis, if that parameter is left empty, the set of groups may sign in to Themis (may be the short name or the DN).
Username: the username used to sign in to the LDAP server.
the password used to sign in to the LDAP service.
Secured server: if that option is selected, ldaps will be used in place of ldap.
Once these information informed, click on Save. That action will disconnect you.
!! You have to restart Themis (via Docker -> docker-compose up -d) so that the change would be effective. !!
The connection to Themis will then go through your Active Directory server:
If for example, an user with the jdoe login already is within Themis (identified by its login) and that that user sign in with its Active Directory account that has the same login (jdoe), then he will arrive directly on its existing account.
If rather, a person signs in Active Directory but did not have an already saved account in Themis, then a form will appear allowing him to complete its account within Themis: