This article describes how to set up Microsoft Active Directory (AD) as a data source for Smart ID Identity Manager. In general, Identity Manager communicates with AD via the LDAP or LDAPS protocol.
Prerequisites
The following prerequisites apply:
- A domain controller can be reached from the Identity Manager server on the corresponding ports (standard ports are 389 for LDAP and 636 for LDAPS on Active Directory).
- A domain user service account is available in AD and has sufficient permissions on the objects for the relevant use cases in Identity Manager.
- The organizational unit (OU) and domain components (DC) to be synchronized with Identity Manager are defined. For example, OU=Employee, DC=example, DC=com.
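The reachability and base DN prerequisites can be checked from the Identity Manager server before the data pool is configured. The following Python script is an added example, not part of Identity Manager or its documentation; the host name dc01.example.com and all function names are assumptions, and it performs no bind, so the service account's permissions still have to be verified separately.

```python
import re
import socket
import ssl

def parse_base_dn(dn):
    """Split a base DN into (ATTR, value) pairs; '\\,' inside a value is not a separator."""
    pairs = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed DN component: {part!r}")
        pairs.append((attr.strip().upper(), value.strip()))
    return pairs

def dns_domain(pairs):
    """Join the DC components into the DNS domain name (DC=example, DC=com -> example.com)."""
    return ".".join(value for attr, value in pairs if attr == "DC")

def port_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def ldaps_handshake(host, port=636, cafile=None, timeout=3.0):
    """Try a certificate-verified TLS handshake; return (ok, TLS version or error text)."""
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, tls.version()
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        return False, str(exc)

def preflight(host, base_dn, cafile=None):
    """Collect the prerequisite checks into one report dict."""
    pairs = parse_base_dn(base_dn)
    report = {"base_dn": pairs, "domain": dns_domain(pairs),
              "ldap_389": port_open(host, 389), "ldaps_636": port_open(host, 636)}
    if report["ldaps_636"]:
        report["ldaps_tls"] = ldaps_handshake(host, 636, cafile)
    return report

if __name__ == "__main__":
    # dc01.example.com is a placeholder host name, not taken from the article.
    print(preflight("dc01.example.com", "OU=Employee, DC=example, DC=com"))
```

A failed `ldaps_tls` entry with port 636 open usually means the domain controller's certificate chain is not trusted by the checking host; pass the issuing CA as `cafile` to confirm.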
Step-by-step instruction
- Set up a data pool in Identity Manager with an LDAP data source.
- Set up scheduled jobs in Identity Manager with the LDAP data pool.
- Configure LDAPS if required.