Editing a Directory Service Connection

About this task

This procedure applies to both on-premises and Azure directory service connections.

To modify a directory service connection:


  1. From the main menu, do one of the following:
    • Select Global Settings > Services > Directory to display the Directory dialog box (see Directory).
    • Select Global Settings > Console Settings > Authentication Options to display the Authentication Options page (see Authentication Options).

      Under Authentication Type, select MobiControl.

      Select MobiControl Directories.

      Select Manage Directories to open the Directory dialog box (see Directory).

  2. In the LDAP Directories or Azure Directories dialog box, select the name of the connection to edit.
  3. If you selected an LDAP connection, edit the on-prem-relevant fields, starting with the Connection Details section:
    Name Enter a name for the LDAP connection. This name is for reference only.
    Server Type Select the LDAP server type. The server type decides which default search attributes to use.


    • Active Directory
    • Open Directory
    • Domino
    • Other LDAP
    Server Address Enter the hostname or IP address of the LDAP server and the connection port. The default port is 389. If using SSL, the port is 636.
    Note: The port can be any value that matches the server's settings.
    Use SSL Turn on to make SOTI MobiControl secure the LDAP communication over a Secure Sockets Layer (SSL) tunnel.
    Accept Untrusted Certificates Turn on to use SSL connections with Untrusted Certificates (usually self-signed CA root certificates).
    Note: Disable this option in a production environment.
    Authentication Type Choose how to make a connection to the server. The authentication type should match the server's settings:
    • Anonymous—Make the connection should without passing credentials.
    • Basic—Use basic authentication on the connection.
    • Negotiate—Use Microsoft Negotiate authentication on the connection.
    Username Enter the user name for binding to the connection when the Authentication Type is Basic or Negotiate.
    Password Enter the password of the binding user.
    Base DN (Distinguished Name) Enter the top level of the LDAP directory tree as the base (referred to as the "base DN"). This option defines the highest level of the LDAP search scope (also known as the RootContainer).
    Follow Referrals Enables searching of the binding server and the referral servers listed in the search response.
    Follow Static Referrals Enables searching of the binding server, the referral servers, and the servers in the static referral server list.
    Cloud Link Agent Select a configured Cloud Link Agent from the list to use this directory service connection for console authentication and device enrollment on cloud environments.
  4. If you selected an Azure connection, edit the Azure-relevant fields, starting with the Connection Details section:
    Name Enter the name of the new connection.
    Microsoft Graph API Address Enter the service root for the Microsoft Graph API request.

    The default address is https://graph.microsoft.com.

    Azure Tenant ID Select the icon to display the Azure Tenant pane, where you configure new tenants.
    Azure Application The MDM associated with the Tenant ID.
  5. Select Save.