Domain Controller Settings for an LDAP Server


When adding or editing an LDAP domain controller, you must enter the following information:

  • Host: The fully qualified host name that you use to identify this network resource, for example,

  • Username, Password: The credentials of a user who has at least read permission for the domain. Based on the requirements of the LDAP server, provide the credentials in one of the following formats:

    • domain\username

    • Distinguished name (DN): For example, a common format for a DN is CN=username,OU=OrgUnit,DC=mydomain,DC=com.

  • Create for Company: (Optional) The company to associate the domain controller with in the CommCell environment.

  • Attribute Map: The mapping of LDAP attributes to the field names and filters for your domain controller. By default, the domain-level values for Microsoft Active Directory values appear, but you can edit these values according to any LDAP-based domain controller.

    • User group filter: The LDAP query to filter the groups that you want to include in the domain controller entity. For example, (&(objectClass=group)(|(cn=MyTeam)(CN=Team))) includes groups named MyTeam and Team.

    • User filter: The LDAP query to filter the users that you want to include in the domain controller entity. For example, (&(objectCategory=User)(sAMAccountName=*)) includes all user entities.

    • Unique identifier: The attribute for your LDAP server that uniquely identifies each entity in the domain controller. For example, uid or samAccountName are uniquely identifying attributes.

    • base DN: The distinguishedName attribute equivalent for your LDAP domain controller. You can also use the base DN attribute to filter the domain controller at the organization level. For example, an organization named Finance in the domain controller CompanyA might have the distinguishedName attribute OU=Finance,DC=CompanyA,DC=com.