LDAP integration gives you the ability to leverage your
directory information to provision and manage archive users
and related attributes. LDAP integration is designed to
help you streamline user provisioning, management, and
authentication. This feature is mainly designed to
relieve the administrator(s) from the hassles of manually
managing archive users.
Notes: LDAP support
needs to be enabled at the account level first by the OEM
administrator to appear in the Account Admin settings page. The sn, given name, mail, username,
and password have to be filled out on the LDAP server
for integration to successfully complete.
Video - LDAP integration
In order to establish a connection between your LDAP server
and your archiving provider, please follow the following
1. Go to the LDAP integration tab:
1.1 Log in as an administrator
1.2 Go to the Admin section and go to the SETTINGS tab.
1.3 Click on the LDAP integration tab.
2. Provide your LDAP
server connection settings:
2.1 LDAP Server - Hostname or IP address for the LDAP server.
2.2 Port - Enter the port number: 636 can be used for LDAP over SSL.
default, servers that are performing user authentication and
management connects to the customer LDAP server using LDAP
over SSL (port 636).
* The administrator is not able to choose to use standard LDAP (port 389 by default) rather than LDAP over SSL (port 636).
* The administrator can provide any port number as long as it is configured with his LDAP server and uses a secure (SSL) connection.
- LDAP server connection
3. Provide your username
and password for the LDAP integration account:
3.1 Service User Name - The distinguished name of an account with permission to search the LDAP directory. This is basically an account with permission to query the LDAP server.
3.2 Service Password - Password on the network, for read-access only to the LDAP server.
- User name and password
4. Describe how the
service should locate and identify archive users:
4.1 Base DN - The distinguished name of the users container or Active Directory tree.
4.2 User Filter* - The filter that should be used to identify users that should have access to the archive.
4.3 Pull in all e-mail aliases associated with user accounts - Select this checkbox to synchronize all e-mail addresses associated with user accounts. This will pull primary, aliases, and all proxy addresses for your end users populating their My Archive accounts accordingly.
* User Filter is an
LDAP filter string that is used to select those records within
the base DN.
- Base DN and user filter
It is important that you test your LDAP configuration, before
saving any settings you provided. In order to do so, follow a
simple three steps process:
1. Test User Name -
Provide a user name for a user account that should have access
to the archive. It will be used to validate the settings you
2. Test Password - Provide a password for the test account. This password won't be saved.
3. Click on Test Config to test the accuracy of your LDAP configuration settings.
- Testing your LDAP configuration
Test configuration fails
In case your test configuration fails, you will see a message
displayed below the Test
Config button telling you what errors there are and
which fields need to be modified.
- Test config fails
Test configuration succeed
In case your test configuration succeeded, you will see a
message displayed below the Test
Config button telling you that your LDAP
configuration settings are accurate and that the test
- Test config succeed
Once you are done testing your LDAP configuration and that
the archive system has validated your LDAP configuration
settings, click on Save
Settings at the bottom of the page to save your
settings and enable LDAP integration.
Below are few configuration examples showing LDAP configured
accounts for OpenLDAP, Microsoft Active Directory, and Novell
- LDAP integration - OpenLDAP example
Screenshot - LDAP integration - Microsoft Active Directory example
Screenshot - LDAP integration - Novell eDirectory example