Active Directory (AD) Provisioning

Configuration on Cymmetri Identity Platform for Active Directory

For active directory configuration we need AD server with 636 port (ldaps protocol should be enabled).

Ensure that all your object classes are included here in the Entry object classes.

Configure the root suffix, which is the base DC and configure the Principal password.

Base Contexts for group entry searches is the base DN for searching for groups in the AD. Change the server hostname and use the domain name instead of IP address.

Enter the principal as the manager’s principal name, the principal is the user account that will be used for making LDAP queries to the Active Directory. SSL must always be true.

Test AD configuration before assigning an application to any user.

After testing AD configuration, Active Directory account will created for the user being provisioned into the Active Directory.

1. The Cymmetri Identity platform Active Directory provisioning supports the following functions -

   1. Create user

   2. Update user

   3. Delete user

Server hostname needs to be configured for public access