Adding an LDAP Target Manually
To add a new LDAP target for a domain manually, do the following:
1. Log in to the Management Tool as a user with the administrative Database Management permission.
2. Click the Configuration (.png?inst-v=47ec10b4-f7c2-4a03-8c69-04bcea3babaa)
3. On the Configuration page that opens, select the LDAP Targets tab, and then click the Add button (at the top of the page).
4. On the Add LDAP Target page, define the following parameters:
• LDAP Path: Enter the LDAP path for the Active Directory domain controller that you want to connect to in the following format:
LDAP://<Domain Controller name or IP address>/DC=<Domain name>,DC=<Suffix>
e.g. for the test.app.local domain with the SYTECAAPP domain controller, enter the following: LDAP://SYTECAAPP/DC=test,DC=app,DC=local.
For LDAP over SSL (LDAPS), the full name of the domain controller that you want to connect to and the port must be entered. The default port for LDAP connections over SSL is 636. You can specify a different port, but 636 works in most situations.
e.g. LDAP://dc.ldaps.test:636/DC=ldaps,DC=test
NOTE: For LDAP over SSL, for Syteca Application Server to be able to establish a connection with the domain controller, certificates that are signed by a CA (Certificate Authority) must be used.
• Domain NetBIOS Name: Enter the NetBIOS name of the domain you want to connect to.
• User: Enter the name of an existing user belonging to the Active Directory domain that you want to connect to.
• Password: Enter the password for the user account.
NOTE: The credentials of a domain user also need to be entered to be able to use the Password Management feature.
5. Click the Test Connection button to check that the credentials entered are correct (i.e. that there is a connection to the Active Directory domain controller).
NOTE: It is not possible to save the LDAP Target until the connection has been tested successfully.
6. Optionally (e.g. to be able to use password rotation for the domain account), select the Create secret checkbox to automatically create a new secret (for the credentials to be stored in) with the following values:
• Secret Name: <Domain NetBIOS Name>\<User>
• Secret Type: Active Directory account
• Domain: <Domain NetBIOS Name>
• Login: <User>
• Password: <Password>
• Permissions: The user who created the LDAP target is the creator and Owner of the secret.
NOTE: All other settings in the secret are set to the default values.
NOTE: After creating the LDAP target, (the credentials in) a different secret can then be used if required, by editing the LDAP target (and selecting any secret in the “Use secret” drop down list, that the user has Owner permissions for).
7. Click the Save button (in the bottom right) to create the LDAP target.
8. On the LDAP Targets tab, the new LDAP target is then added to the list of LDAP targets displayed in the grid.