LDAP Configuration

Use this page to configure the connection between the Cloud Identity agent and your on-premises Active Directory.
Bind DN
Specify the login name (Distinguished Name) for your Active Directory.
Bind Password
Specify the password associated with the login name (DN).
Protocol
Select the protocol the agent uses to connect to the Active Directory:
  • LDAP
    — Connect using the default LDAP on port 389.
  • LDAPS
    — (Default) Connect using LDAP over SSL (LDAPS) on port 636. This option requires a CA certificate in the Local Computer certificate store on the agent host or in the Trusted Root CA store for your Active Directory.
  • LDAP with STARTTLS
    — Connect using LDAPv3 Transport Layer Security (TLS) on port 389. This option requires a CA certificate in the Local Computer certificate store on the agent host or in the Trusted Root CA store for your Active Directory.
Bind Timeout
Specify the time limit (in seconds) that the agent waits when connecting to the Active Directory (default is 30, range is 1-60 seconds). If the timeout occurs, the agent attempts to connect to the next domain controller in the sequence for that domain.
Search Timeout
Specify the time limit (in seconds) after which the agent stops searching the directory (default is 15, range is 1-120 seconds).
Servers
Add a server and provide the following details:
  • Name
    — Your Active Directory name.
  • Domain
    — Your Active Directory fully qualified domain name.
  • Network Address
    — IP address or fully qualified domain name (FQDN) of your Active Directory.
  • Port
    — Your Active Directory port number (default for LDAP and LDAP with STARTTLS is 389 and default for LDAPS is 636).
    Do not configure the agent to use the Global Catalog port (3268 for LDAP or 3269 for LDAPS).
The changes are not confirmed until you click Commit.
  • You can optionally Test Connectivity to AD to confirm the connection to your Active Directory.
  • To edit a server configuration, select the server’s check box and click Edit.
  • To delete a server configuration, select the server’s check box and click Delete.
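The following is an added example, not part of the product or its documentation: a small pre-commit lint that checks a planned configuration against the limits and defaults listed on this page. The dictionary keys (`protocol`, `bind_timeout`, `search_timeout`, `ca_cert_installed`, `servers`) and the sample host names are assumptions made for illustration.

```python
# Added example: lint a planned agent LDAP configuration before clicking Commit.
# Dict keys are hypothetical; limits and defaults are the ones documented above.
DEFAULT_PORT = {"LDAP": 389, "LDAPS": 636, "STARTTLS": 389}
GLOBAL_CATALOG_PORTS = {3268, 3269}


def lint_ldap_config(cfg):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    proto = cfg.get("protocol", "LDAPS")  # LDAPS is the documented default
    if proto not in DEFAULT_PORT:
        return [f"unknown protocol {proto!r}"]
    if proto == "LDAP":
        # An LDAP simple bind without TLS sends the Bind Password in cleartext.
        findings.append("plain LDAP: bind password is sent unencrypted")
    elif not cfg.get("ca_cert_installed", False):
        findings.append(f"{proto} requires a CA certificate in a trusted store")
    if not 1 <= cfg.get("bind_timeout", 30) <= 60:
        findings.append("bind timeout outside 1-60 seconds")
    if not 1 <= cfg.get("search_timeout", 15) <= 120:
        findings.append("search timeout outside 1-120 seconds")
    if not cfg.get("servers"):
        findings.append("no servers defined")
    for srv in cfg.get("servers", []):
        name = srv.get("name", "<unnamed>")
        port = srv.get("port", DEFAULT_PORT[proto])
        if port in GLOBAL_CATALOG_PORTS:
            findings.append(f"{name}: Global Catalog port {port} must not be used")
        elif port in (389, 636) and port != DEFAULT_PORT[proto]:
            findings.append(f"{name}: port {port} does not match protocol {proto}")
    return findings


# Constructed sample input (not from a real deployment).
SAMPLE = {
    "protocol": "LDAP",
    "bind_timeout": 90,
    "search_timeout": 15,
    "servers": [
        {"name": "dc01", "network_address": "dc01.corp.example", "port": 3268},
        {"name": "dc02", "network_address": "dc02.corp.example"},
    ],
}

if __name__ == "__main__":
    for finding in lint_ldap_config(SAMPLE):
        print("FINDING:", finding)
```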