Configure LDAP Server Paige Freeman May 08, 2024 14:18 Updated The Active Directory integration works when the ThreeSixty application server is a member of the domain it is authenticating against (the user’s AD domain). This poses a challenge for managed services staff to be able to administer the server, because they have to have credentials and rights in the foreign domain. Therefore, the Lightweight Directory Access Protocol (LDAP) allows user to authenticate the user against their domain controller. Administrators can configure the settings related to LDAP from the LDAP Setup page, accessed from the LDAP Integration section of the Application Settings page. Select the edit pencil to open the fields for edit. The Edit LDAP page displays, as shown below. Screen Element Description ID_Attribute A unique user attribute. If you are configuring Active Directory you may set samaccountName. Example: entryDN IS_ACTIVE_DIRECTORY Flag to identify Active Directory or LDAP-based user directory If you are configuring a LDAP-based user directory, set this to False. LDAP_VERSION Lightweight Directory Protocol Version Optional if you are configuring Active Directory. Example: 3 PORT The port number where the user directory is running. If you are configuring an Active Directory Global Catalog, specify the port used by the global catalog server (default is 3268). Example: 389 SEARCH_BASE_DN The distinguished name (DN) of the node where the search for users should begin. If you are configuring a global catalog, specify the DN of the forest. Example: dc=example,dc=com SEARCH_FILTER LDAP query filter used to retrieve directory users and shall include object classes and keyword. If you are configuring Active Directory, specify Ambiguous Name Resolution for keyword like (&(objectCategory=person)(objectClass=user)(anr={0})). Example: (&(objectClass=person)(|(cn=*{0}*)(sn=*{0}*)(givenname=*{0}*)(uid=*{0}*)(mail=*{0}*))) SEARCH_SIZE_LIMIT Maximum number of results that a search can return. If this value is greater than that supported by the user directory settings, the user directory value overrides this value. Set the value to 0 to retrieve all users that meet the search criteria. Applicable only if you are configuring Active Directory. SERVER_NAME Name or IP Address of the user directory server. If you are configuring an Active Directory Global Catalog, specify the global catalog server name. Example: MyServer USE_BASIC_AUTH When set to True, uses basic authentication else uses Authorization Type Negotiate If you are configuring a LDAP-based user directory, set this to True. USE_SECURE_LDAP When set to True, enables Secure Socket Layer (SSL) communication with the user directory. The user directory must be configured for secure communication.