Create new accounts by matching users to existing LDAP accounts.
After an LDAP integration is established, the instance can allow new users to log in to the
system even if they do not yet have an account on the instance. When a new user attempts to log
in to the instance, the integration checks to see if this user has an account in the instance. If
the integration does not find an existing user account, it automatically queries the LDAP server
for the username that was entered. If a matching LDAP account is found, the integration tries to
authenticate with the password the user entered. If the password is valid, the instance creates
an account for the user, populates the account with all applicable LDAP information, and logs the
user in to the instance.
On-demand login uses the LDAP User Import transform map. For more information on transform map
requirements, see LDAP transform maps.