LDAP
- Updated on 12 Aug 2023
Because Getac Enterprise is highly configurable, the ability to complete the tasks described in this article may differ for each User, depending on policy. Please contact an administrator with all access questions and concerns.
Overview
LDAP settings can be configured and managed from Setup > Active Directory > LDAP.
See the image below for how to access the LDAP page:
Add or Modify an LDAP connection
This page allows for creating and managing Station-specific, local or Azure-hosted AD environments and connections.
See image below for an example:
Local LDAP
Perform the following steps to add a new Local LDAP connection:
- Click on the Page icon or select an LDAP connection from the list by clicking on the checkbox to its left, then click the Wrench Icon.
- Add the following parameters:
  - AD Type - Select the Local configuration form.
  - Station - The station that the LDAP will be associated with.
  - LDAP Path - Path to the server for LDAP.
  - LDAP Domain - The domain of the LDAP server.
  - External Domain - DNS domain for the LDAP server.
  - Auth Service URL - URL and port to get authentication information.
  - User Name - User Account ID used to access the AD instance.
  - Password - Password used to access the AD instance.
  - Confirm Password - Retype the AD account password exactly to confirm accuracy.
  - Synchronize Mode - Indicates if the AD connection is established via web service or directly.
  - Enable SSL - Indicates if the LDAP connection is secured with SSL.
Azure LDAP
Perform the following steps to add a new Azure LDAP connection:
- Create a new registration for tokenized access to Microsoft Graph and add full read permissions to Azure Active Directory.
  - Create a new App Registration in Azure Active Directory.
  - On the Certificates and secrets page, select New client secret, enter a description, select Expiry rule and click Add.
    Caution: Remember to copy the secret's value before leaving the page; it will only be viewable once.
  - On the API permissions page, click Add a Permission > Microsoft Graph > Application Permission, and select Directory > Directory.Read.All.
  - If Admin consent is required, follow the on-screen instructions to grant consent.
- In Getac Enterprise, click on the Page icon or select an LDAP connection from the list by clicking on the checkbox to its left, then click the Wrench Icon.
- Add the following parameters:
  - AD Type - Select the Local configuration form.
  - Station - The station that the LDAP will be associated with.
  - Application Client ID - The unique identifier, provided by Azure, for the AD instance.
  - Directory Tenant ID - The unique identifier, provided by Azure, for the Azure customer (Tenant).
  - Client Secret ID - Password String for the Azure AD connection.
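One way to confirm the app registration from the steps above before entering its values in Getac Enterprise is to decode the claims of an app-only Microsoft Graph access token issued for the client ID and secret, then compare tenant, client and granted permissions. This is an added example, not Getac or Microsoft code; the function names and sample IDs are constructed for illustration, and the token is decoded without signature verification, for diagnostics only.

```python
import base64
import json

REQUIRED_ROLE = "Directory.Read.All"  # the application permission the steps above grant


def decode_claims(jwt):
    """Return the payload of a JWT without verifying its signature (diagnostic use only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_registration(jwt, tenant_id, client_id):
    """Compare token claims with the values entered in Getac Enterprise; return findings."""
    claims = decode_claims(jwt)
    findings = []
    if claims.get("tid", "").lower() != tenant_id.lower():
        findings.append("tid does not match Directory Tenant ID")
    # v1 tokens carry the client in 'appid', v2 tokens in 'azp'
    if (claims.get("appid") or claims.get("azp") or "").lower() != client_id.lower():
        findings.append("appid/azp does not match Application Client ID")
    roles = set(claims.get("roles", []))
    if REQUIRED_ROLE not in roles:
        findings.append(f"{REQUIRED_ROLE} missing: permission not added or admin consent not granted")
    for extra in sorted(roles - {REQUIRED_ROLE}):
        findings.append(f"extra application permission beyond the documented one: {extra}")
    return findings


def _constructed_token(claims):
    """Build an unsigned sample token for the demo below (constructed, not a real token)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample values, not real identifiers
TENANT = "11111111-1111-1111-1111-111111111111"
CLIENT = "22222222-2222-2222-2222-222222222222"

if __name__ == "__main__":
    ok = _constructed_token({"tid": TENANT, "appid": CLIENT, "roles": ["Directory.Read.All"]})
    wide = _constructed_token({"tid": TENANT, "appid": CLIENT,
                               "roles": ["Directory.Read.All", "Directory.ReadWrite.All"]})
    print(check_registration(ok, TENANT, CLIENT))
    print(check_registration(wide, TENANT, CLIENT))
```

An empty findings list means the token matches the documented setup; any extra role is worth removing from the registration, since the steps above call for read access only.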