AD Integration - Configuring the connection
Adding a Service
Use the Ubisecure Management application with an Administrator account:
- Select Home → Services
- Select New service…
- Complete the "Create Directory Service Configuration" details
- Title: Human readable unique reference to this directory
- Select pre-defined: Select Active Directory. This will automatically fill the values Directory Factory and Directory Schema.
- Description: Enter a useful description referencing external documentation if appropriate.
- Title: Human readable unique reference to this directory
- Press OK.
Figure 1. Adding a new AD service |
- Service URL → URL of the Active Directory including naming context and possible port numbers if not standard (LDAPS is port 636).
- Username → The principal or username used to connect to the external directory. Typically the principal is given in DN format.
- Credentials → The password associated with the principal. This value will disappear once recorded.
- Configuration String → The configuration string is ready configured as shown. This field is used for adding further settings such as client side failover settings (see Client-side external directory failover). This field is updated after pressing Update. After pressing Update it will contain Service URL and Username settings. Commonly added other configuration strings are:
- password-name=password.ad
- directory.account.login=mail
Figure 2. AD Service Configuration screen |
Before entering the username it is good practice to make sure it is possible to access the Active Directory using that username. To confirm it, ldp.exe in Windows can be used and do the binding.
In Ubisecure SSO you can enter the user credential as follow.