Directory Service Manager
Use the Directory Service Manager dialog box to create custom connections to Active Directory, Open Directory, Domino, and other LDAP servers.
LDAP Connection Settings
Name | LDAP Connection name, for reference only. |
Server | LDAP Server's hostname or its IP address. |
Port | LDAP Server connection port. The default is 389. If using SSL, the port is 636. The port can be any value if it matches server's settings. |
Use SSL | If selected, SOTI MobiControl secures the LDAP communication over a Secure Sockets Layer (SSL) tunnel. |
Accept Untrusted Certificates | This option allows SSL connections to use Untrusted Certification which in most cases is a self-signed CA root certificate. It's not recommended to enable this in a production environment. |
Authentication Type | Choose how to make a connection to the server. The authentication type should match the server's settings.
Anonymous: Indicates that the connection should be made without passing credentials Basic: Indicates that basic authentication should be used on the connection Negotiate: Indicates that Microsoft Negotiate authentication should be used on the connection. |
User | The user name used for binding to the connection when the authentication Type is Basic or Negotiate. |
Password | The password of the binding user. |
Base DN (Distinguished Name) | The top level of the LDAP directory tree is the base, referred to as the "base DN". This option is to define the highest level of the LDAP search scope. a.k.a. RootContainer. |
Referrals | Control whether the LDAP connection can follow references to alternative locations where the LDAP request may be processed.
Enable Follow Referrals to allow the binding server and the referral servers listed in the search response to be searched. Enable Follow Static Referrals to allow the binding server, the referral servers, and the servers in the static referral server list to be searched. Follow Referrals must be enabled to apply this setting. |
LDAP Server | Select the LDAP server type. You can select Active Directory, Open Directory, Domino, or other. The server type will decide what default search attributes will be used. |
Cloud Link Agent | Select a configured Cloud Link agent from the dropdown list to use this directory service connection for console authentication and device enrollment on cloud environments. |
General Attributes
Object Class | Identifier name of the Object Class, a keyword indicating this is an objectclass definition (or others). Default is "objectClass" and an alternative could be "objectCategory". |
Object Class Group Attribute | The keyword to define the search filter for group related searching. |
Object Class User Attribute | The keyword to define the search filter for user related searching. |
Default Naming Context | This defines the Root DSE Attribute and which is used to define the root directory server entry (DSE) for the server instance. |
Group Attributes
Identifier | The keyword to define the search filter for fetching the object Security Identifier (SID) of the group. |
Identifier | The keyword to define the search filter for fetching the object Globally Unique Identifier (GUID) of the group. |
Common Name | The keyword to define the search filter for fetching the common name. |
Account Name | The keyword to define the search filter for fetching the account name. |
Authentication Search Pattern | The search string for fetching the authentication information |
Member | The keyword to define the search filter for fetching memberships of group attributes. |
Nested Group | The keyword to define where the search filter should look for when searching groups. |
User Attributes
Identifier | The keyword to define the search filter for fetching the object Security Identifier (SID) of the user. |
Common Name | The keyword to define the search filter for fetching common names. |
Account Name | The keyword to define the search filter for fetching account names. |
The keyword to define the search filter for fetching user emails. | |
Authentication Search Pattern | The search string for fetching the authentication information |
Add User Search Pattern | The search string for fetching the add user information. |
SSO User Search Pattern | The search string for fetching the SSO user information. |
User Principal Name | The keyword to define the search filter for fetching user principal names. |
Password Last Set | The date and time that the password for the account was last changed. |
First Name | The keyword to define the search filter for fetching the user's first name. |
Middle Name | The keyword to define the search filter for fetching the user's middle name. |
Last Name | The keyword to define the search filter for fetching the user's last name. |
Phone Number | The keyword to define the search filter for fetching the user's phone number. |
Custom Attribute 1 | The keyword to define the search filter for fetching the first customized user property. |
Custom Attribute 2 | The keyword to define the search filter for fetching the second customized user property. |
Custom Attribute 3 | The keyword to define the search filter for fetching the third customized user property. |
Azure Connection Settings
Name | The name of the new connection. |
Azure Graph API Address | The service root for the Graph API request.
Default address is https://graph.windows.net. |
Azure Tenant ID | The identifier for the tenant that the request targets. |
Azure Application | The MDM associated with the Tenant ID. |