Directory
Use the Directory dialog box to create or edit on-prem and Azure-based directory connections. For details, see:
- Add on-prem LDAP connections - see Adding an On-Premises LDAP Connection
- Add Azure connections - see Adding an Azure Directory Service Connection
- Edit existing connections - see Editing a Directory Service Connection
- Delete connections - see Deleting a Directory Service Connection
LDAP Directories and Azure Directories
This pane of the dialog box lists the existing LDAP and Azure directories.
LDAP Directories
LDAP Directories | A list of the existing LDAP directories. This list includes the following columns:
|
Add (+) | Click this icon to open the LDAP Directories / Connection Details pane to configure a new directory. |
Azure Directories
Azure Directories | A list of the existing Azure directories. This list includes the following columns:
|
Add (+) | Click this icon to open the Azure Directories / Connection Details pane for configuring a new directory. |
LDAP Directories / Connection Details
Name | Enter a name for the LDAP connection. This name is used for reference only. |
Server Type | Select the LDAP server type. The server type will decide what default search attributes will be used. Select one of:
|
Server Address | Enter the hostname or IP address of the LDAP server and the connection port. The default port is 389. If using SSL, the port is 636. The port can be any value if it matches server's settings. |
Use SSL | Turn the toggle on to make SOTI MobiControl secure the LDAP communication over a Secure Sockets Layer (SSL) tunnel. |
Accept Untrusted Certificates | Turn the toggle on to allow SSL connections to use Untrusted Certificates, which in most cases are self-signed CA root certificates. It's not recommended to enable this in a production environment. |
Authentication Type | Choose how to make a connection to the server. The authentication type should match the server's settings:
|
Username | Enter the user name used for binding to the connection when the Authentication Type is Basic or Negotiate. |
Password | Enter the password of the binding user. |
Base DN (Distinguished Name) | Enter the top level of the LDAP directory tree is the base, referred to as the "base DN." This option is to define the highest level of the LDAP search scope, a.k.a. RootContainer. |
Follow Referrals | Turn on the toggle to allow the binding server and the referral servers listed in the search response to be searched. |
Follow Static Referrals | Turn on the toggle to allow the binding server, the referral servers, and the servers in the static referral server list to be searched. |
SOTI Cloud Link Agent | Select a configured SOTI Cloud Link Agent from the dropdown list to use this directory service connection for console authentication and device enrollment on cloud environments. |
General Attributes
Object Class | Enter an identifier name of the Object Class, a keyword indicating this is an objectClass definition (or others). The default is "objectClass," and an alternative could be "objectCategory." |
Object Class Group Attribute | Enter the keyword to define the search filter for group related searching. |
Object Class User Attribute | Enter the keyword to define the search filter for user related searching. |
Default Naming Context | Enter the Root DSE Attribute, which is used to define the root directory server entry (DSE) for the server instance. |
Group Attributes
Identifier 1 | Enter the keyword to define the search filter for fetching the object Security Identifier (SID) of the group. |
Identifier 2 | Enter the keyword to define the search filter for fetching the object Globally Unique Identifier (GUID) of the group. |
Common Name | Enter the keyword to define the search filter for fetching the common name. |
Account Name | Enter the keyword to define the search filter for fetching the account name. |
Authentication Search Pattern | Enter the search string for fetching the authentication information |
Member | Enter the keyword to define the search filter for fetching memberships of group attributes. |
Nested Group | Enter the keyword to define where the search filter should look for when searching groups. |
User Attributes
Identifier 1 | Enter the keyword to define the search filter for fetching the object Security Identifier (SID) of the user. |
Identifier 2 | Enter the keyword to define the search filter for fetching the object Globally Unique Identifier (GUID) of the user. |
Common Name | Enter the keyword to define the search filter for fetching common names. |
Account Name | Enter the keyword to define the search filter for fetching account names. |
Enter the keyword to define the search filter for fetching user emails. | |
Authentication Search Pattern | Enter the search string for fetching the authentication information |
Add User Search Pattern | Enter the search string for fetching the add user information. |
SSO User Search Pattern | Enter the search string for fetching the SSO user information. |
User Principal Name | Enter the keyword to define the search filter for fetching user principal names. |
Password Last Set | Enter the date and time that the password for the account was last changed. |
First Name | Enter the keyword to define the search filter for fetching the user's first name. |
Middle Name | The keyword to define the search filter for fetching the user's middle name. |
Last Name | Enter the keyword to define the search filter for fetching the user's last name. |
Phone Number | Enter the keyword to define the search filter for fetching the user's phone number. |
Custom Attribute 1 | Enter the keyword to define the search filter for fetching the first customized user property. |
Custom Attribute 2 | Enter the keyword to define the search filter for fetching the second customized user property. |
Custom Attribute 3 | Enter the keyword to define the search filter for fetching the third customized user property. |
Azure Directories / Connection Details
Name | Enter the name of the new connection. |
Azure Graph API Address | Enter the service root for the Graph API request.
The default address is https://graph.windows.net. |
Azure Tenant ID | Click the + icon to display the Azure Tenant pane, where you configure new tenants. |
Azure Application | The MDM associated with the Tenant ID. |
Azure Tenant ID
Name | Enter the name you want to give the tenant. This name identifies the tenant in the tenant list. |
Azure Tenant Name | Enter the Azure tenant name you received from Microsoft when you signed up for Azure AD. |
Azure Tenant ID | Enter the Azure tenant ID you received from Microsoft when you signed up for Azure AD. |
Metadata Endpoint Address | Enter the metadata endpoint address you received from Microsoft when you signed up for Azure AD. |
Application Names | Click the + icon to display the Application Name section. |
Application Name | For each application, enter:
The Delete icon appears to the right of each application row. You can click it to delete the corresponding application from the list. |
Once you have made changes that require saving, you are prompted to Save or Cancel them.