LDAP Directory Configuration
If LDAP Directory is selected from the User Directory type dropdown list, some additional configuration fields will be required in the Account Configuration step in order to connect and synchronize an LDAP Directory.
If the administrator user used for LDAP connection is not a part of the base DN you can specify the full distinguished name in the Username field
(eg. cn=Administrator,cn=Users,dc=example,dc=com)
The following information should be given to configure an LDAP user directory:
| Attribute | Description |
|---|---|
| Base DN | The DN from where all users can be reached. (e.g. dc=CompanyName,dc=com) |
| User Object Class | The name of the object class (objectClass) that is for user objects. (e.g. posixAccount or person) |
| Object Unique Identifier Attribute | The name of the LDAP attribute that is the unique identifier of an entry. (e.g. entryUUID or objectGUID) |
| User Email Attribute | The name of the LDAP attribute that contains the email of the users. (e.g. mail or email) |
| User Display Name Attribute | The name of the LDAP attribute that contains the display name of the users and will be used as the login name of the users. (e.g. cn, uid or sAMAccountName) |
| Group Object Class | The name of the object class (objectClass) that is for group objects. (e.g. posixGroup or group) |
| Organizational Unit Object Class | The name of the object class (objectClass) that is for organizational unit objects. (e.g. organizationalUnit or ou) |
Only LDAP attributes should be provided in this configuration step. Aliases will not be recognized.
When you have filled the required information click Continue.
Was this page helpful?