Set LDAP connection properties

Configure your LDAP server connection properties.

Before you begin

Role required: admin

Procedure

  1. Navigate to System LDAP > LDAP Servers.
  2. Select the LDAP server to configure.
  3. Set the connection property fields (see table).
  4. Click Update.
    Field: Description
    Name: Enter the name of the server.
    Active: Select this check box if the server is active.
    LDAP Server URLs: Enter the URLs of the primary and backup LDAP servers. Servers are first ordered by operational status, with servers that are Up listed first, then ordered by the Order value that you specify. The first server listed is the primary LDAP server. The others are redundant servers.
    Server URL: Enter the URL of the server. Configure the form to add this field if necessary. It is a calculated read-only field that shows the list of LDAP servers that you can also see in the LDAP Server URLs field, separated by a space, and ordered by operational status and the order values of the URLs.
    Login distinguished name: Enter the distinguished name (DN) of the user authenticating the LDAP connection.
    Login password: Enter the server's password.
    Starting search directory: Enter the relative distinguished name (RDN) of the default search directory. All queries to this LDAP server will start from this RDN.
    MID Server: Select the MID Server you want to use to connect to the LDAP server. Using a MID Server to establish an LDAP connection prevents you from having to expose the LDAP server to external network traffic. It also eliminates the need to establish a VPN tunnel between your LDAP server and ServiceNow data centers.
    Note:
    • The MID Server user must have the user_admin role in order to be able to read LDAP server configuration records.
    • The following are not available with the MID Server:
      • LDAP authentication
      • SSL connection
    Connect timeout: Specify the maximum number of seconds that the instance has to establish an LDAP connection. If no connection is made by this time, the connection is terminated.
    Read timeout: Specify the number of seconds the integration has to read LDAP data. The integration stops reading LDAP data after the connection exceeds the read timeout. If you enable an SSL connection, you can also set a read timeout value with the com.glide.ssl.read.timeout system property. If you enter timeout values for both this field and the system property, the lowest timeout value takes precedence.
    SSL: Select this check box to require the LDAP server to make an SSL-encrypted connection. For more information, see Enable SSL. If you selected a MID Server, this field is not available.
    Listener: Select this check box to enable the integration to periodically poll Microsoft Active Directory servers or LDAP servers that support persistent search request control. Additionally, if you selected a MID Server, the listener functionality is available for that MID Server. See LDAP listener and Enable an LDAP listener for more information.
    Listen interval (timeout value): Specify the listener timeout value in the number of minutes that the integration listens for LDAP data with every connection. The integration stops listening for LDAP data after the connection exceeds the listen interval.
    Paging: Select this check box to have the LDAP server split up LDAP attribute data into multiple result sets rather than submit multiple queries.
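
The server ordering, read-timeout precedence and MID Server restrictions described in the table, modeled as an added example for reviewing a configuration before you click Update. This is not ServiceNow code and uses no platform API. The object field names, sample hosts and MID Server name are assumptions, and both timeout values are assumed to be in seconds.

```javascript
// Added example. Field names (urls, up, order, midServer, ssl, readTimeout) are
// assumptions for this sketch, not ServiceNow column names or APIs.

// Servers that are Up come first, then ascending Order value; element 0 is primary.
function orderServerUrls(urls) {
  return [...urls].sort(
    (a, b) => (a.up === b.up ? 0 : a.up ? -1 : 1) || a.order - b.order
  );
}

// With SSL selected, the lower of the Read timeout field and the
// com.glide.ssl.read.timeout property applies (assumed: both in seconds).
function effectiveReadTimeout(cfg, sslReadTimeoutProp) {
  const values = cfg.ssl ? [cfg.readTimeout, sslReadTimeoutProp] : [cfg.readTimeout];
  const set = values.filter((v) => Number.isFinite(v) && v > 0);
  return set.length ? Math.min(...set) : null;
}

// Review one record against the constraints stated in the table.
function reviewLdapConfig(cfg, sslReadTimeoutProp) {
  const ordered = orderServerUrls(cfg.urls);
  const findings = [];
  if (!ordered.some((s) => s.up)) findings.push("no LDAP server URL is Up");
  if (cfg.midServer && cfg.ssl)
    findings.push("SSL is not available when a MID Server is selected");
  if (!cfg.ssl)
    findings.push("SSL not selected: an SSL-encrypted connection is not required");
  return {
    primary: ordered.length ? ordered[0].url : null,
    redundant: ordered.slice(1).map((s) => s.url),
    readTimeout: effectiveReadTimeout(cfg, sslReadTimeoutProp),
    findings,
  };
}

// Constructed sample record; hosts and values are made up.
const sampleConfig = {
  urls: [
    { url: "ldap://ldap1.example.com:389", order: 100, up: false },
    { url: "ldap://ldap3.example.com:389", order: 300, up: true },
    { url: "ldap://ldap2.example.com:389", order: 200, up: true },
  ],
  midServer: "mid-01", // hypothetical MID Server name
  ssl: true,
  readTimeout: 30,
};

console.log(reviewLdapConfig(sampleConfig, 20));
```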