Provide LDAP server login credentials

The LDAP login credentials determine what organizational units the integration can see.

Before you begin

Role required: admin

About this task

Servers that allow anonymous login generally limit the organizational unit (OU) data available to anonymous connections.

Procedure

  1. Navigate to System LDAP > LDAP Servers.
  2. Select the LDAP server to configure.
  3. In Login distinguished name, enter the user credentials for an account with read access to the directory levels from which you want to import users or groups. The system uses these credentials to connect to your LDAP server. If this information is not entered, the application attempts an anonymous login to the LDAP server.

    The Login distinguished name field accepts several formats.

    To access a Microsoft Active Directory (AD) server, use one of the following:
    • user@domain.com, domain\user
    • cn=user,ou=users,dc=domain,dc=com
    To access a different LDAP directory server, the username must be in the full distinguished name format:
    • cn=user,ou=users,dc=domain,dc=com
  4. In Login password, enter the password for the LDAP user.
    Note: Consider enabling LDAPS to encrypt this password during transmission.
  5. Select the Active check box.
  6. [Optional] In the Starting search directory field, explicitly specify the LDAP OU attributes you want the instance to import.
  7. Click Update.
    Note: If you provide an LDAP password, the integration performs a Simple Bind operation. If you do not provide an LDAP password, the LDAP server must allow anonymous login or the integration cannot bind to the LDAP server.
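The following added example (not part of the product or its documentation) checks one set of bind settings against the rules in this procedure: accepted login name formats, the full-DN requirement for non-AD servers, the anonymous-login fallback, and a simple bind without LDAPS. The function names, the server_url parameter, and the sample values are assumptions; the DN pattern is simplified and does not handle escaped commas.

```python
import re

_ATTR = r"[A-Za-z][A-Za-z0-9-]*"
_DN = re.compile(rf"^{_ATTR}=[^,=]+(?:,{_ATTR}=[^,=]+)*$")  # simplified: no escaped commas
_UPN = re.compile(r"^[^@\\\s,=]+@[^@\\\s,=]+$")              # user@domain.com
_DOWNLEVEL = re.compile(r"^[^@\\\s,=]+\\[^@\\\s,=]+$")        # domain\user


def classify_login(name):
    """Return 'anonymous', 'dn', 'upn', 'down-level' or 'invalid'."""
    name = name.strip()
    if not name:
        return "anonymous"
    for kind, pattern in (("dn", _DN), ("upn", _UPN), ("down-level", _DOWNLEVEL)):
        if pattern.match(name):
            return kind
    return "invalid"


def review_bind_settings(login, password, server_url, is_active_directory):
    """Return a list of findings for one LDAP server record (hypothetical helper)."""
    findings = []
    kind = classify_login(login)
    if kind == "invalid":
        findings.append("login name is not a DN, user@domain or domain\\user")
    elif kind == "anonymous":
        findings.append("no login DN: anonymous login will be attempted")
    elif kind != "dn" and not is_active_directory:
        findings.append("non-AD directory: login must be a full distinguished name")
    if kind != "anonymous" and not password:
        findings.append("no password: server must allow anonymous login")
    # Assumption: the server URL scheme tells us whether LDAPS is in use.
    if password and not server_url.lower().startswith("ldaps://"):
        findings.append("simple bind without LDAPS: password is not encrypted in transit")
    return findings


if __name__ == "__main__":
    # Constructed sample records, not taken from a real instance.
    samples = [
        ("cn=user,ou=users,dc=domain,dc=com", "s3cret", "ldaps://dc1.domain.com:636", False),
        ("user@domain.com", "s3cret", "ldap://ldap.domain.com:389", False),
        ("", "", "ldap://ldap.domain.com:389", True),
    ]
    for login, pw, url, is_ad in samples:
        print(repr(login), "->", review_bind_settings(login, pw, url, is_ad) or "ok")
```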