Basic configuration: LDAP mode

Follow these steps to configure basic LDAP mode settings for user visibility.

Before you begin

Make sure that you can connect to your LDAP server through telnet or any other mechanism before you set up the Cloud Extender®.

Procedure

  1. Configure your LDAP setup by using one of the Corporate Directory options and select which users to synchronize.
    • Active Directory
    • OpenLDAP
    • Novell eDirectory
    • Domino LDAP
    • Oracle LDAP
  2. Enter your LDAP Server, Service Account Username and Password, and Authentication type. Enable SSL if your LDAP supports secure authentication. Click Next to validate your Credentials. If a failure message is displayed, check LDAP connectivity from the Cloud Extender server, port, credentials, and authentication type.
  3. Add a root hierarchy to find a user or group. Click Next to validate the configuration.
    Option Description
    Search Roots for Users

    Root a location in your directory from where all users are discovered. The Cloud Extender catalogs any user under the hierarchy. Enter the Distinguished Name (DN) of the Organization Unit (OU) that has users. Related information: Automatic OU lookup from the Corporate Directory (User Visibility).

    Search Roots for Groups Root a location in your directory from where all groups are discovered. The Cloud Extender catalogs any group under the hierarchy. Enter the Distinguished Name (DN) of the Organization Unit (OU) that has groups.
    Filter By Groups (Optional) Filter discovered Users. Enter the Group common name (CN) from where all discovered users are found. Only filtered users are imported into MaaS360.
    Import Groups with no users Select this option to import empty groups into MaaS360®.
    By default, the Cloud Extender uploads only groups that have at least one user as its member. You might need to import empty groups into MaaS360 to preconfigure apps, policies, and content, before a user becomes a member of this group.
    Note: Selecting this option might result in many imported groups.
    LDAP Search Base for Groups (Optional) The search base for groups is the location on your directory that includes all defined user groups.

    This option is similar to the LDAP Search base for Users option. The Cloud Extender uses this attribute to discover all groups from this root location.

  4. Click Advanced to review Advanced configuration options. The values for Advanced configuration mode are populated with default configuration settings based on the LDAP server type selection. To change these settings, click Advanced and go to the Advanced configuration: LDAP mode topic for detailed procedures.
  5. Click Test Reachability to test the LDAP integration. Select Show User Attributes to view a sample set of user objects that the Cloud Extender discovered.
    Note: Filters are not applied to the search results. Numbers that are seen might be greater than expected.
  6. Click Save to complete the setup and return to the Cloud Extender Summary page.