You can add users using LDAP authentication.
Note: users can belong both to root domain and to subdomains. If you need to add users from subdomains, use Global Catalog.
To connect to the LDAP server:
Turn on LDAP connection;
LDAP Port - port number of the server (the common value of this field is 389);
Note: when you add users from subdomains, use Global Catalog ports – 3268 or 3269.
Host - IP address or hostname of the LDAP server;
email@example.com), but you can also use distinguished name;
User filter – defines objects attribute values that will be identified as users. Attribute values must be added according to the LDAP syntax, f.e.:
(objectClass=*)– the search will be done through all the available entries;
(&(objectClass=user)(loginAttr=login)) – the search will be done through the objects with corresponding attribute values;
Note: in most cases, the right User filter's value is
(objectClass=user), but if your LDAP server is not standard, try other variants.
Admin Group DN – defines objects attribute values that will be identified as user groups. Attribute values must be input according to LDAP syntax.
Note: in most cases, the right Group filter's value is
(objectClass=group), but if your LDAP server is not standard, try other variants.
sAMAccountName– corresponds with the login format like
E-mail attribute – attribute name that contains user e-mails, f.e.
userPrincipalName – corresponds with the login format like
Note: if you want to connect only to subdomain, use login in the
First Name attribute – attribute name that contains first username (f.e.
Click Test connection, to check the connection to the LDAP server. If settings are correct, you will see Connection established:
ito view all available users:
Click Save. User will appear on Users tab after the first login to the platform.
Note: after saving LDAP settings, you will not be able to add local users to the Platform.
Unprocessed Continuation Reference(s)error can occur when system addresses to the domain with subdomains and without Global Catalog role (e.g., to the port number 389 with values
DC=test,DC=domainin Base DN field). To solve this error, you should indicate more specific value in the field Base DN, e.g.