This page last changed on May 05, 2008 by smaddox.
This page provides configuration notes for Microsoft Active Directory, in relation to Configuring an LDAP Directory Connector.
Screenshot: 'Connector — Microsoft Active Directory'

Attribute |
Description |
Connector |
The directory connector to use when communicating with the directory server. |
URL |
The connection URL to use when connecting to the directory server, e.g.: ldap://localhost:389, or port 636 for SSL. |
Secure SSL |
Specifies whether the connection to the directory server is an SSL connection. |
Use Node Referrals |
Use the JNDI lookup java.naming.referral option. Generally needed for Active Directory servers configured without proper DNS, to prevent a 'javax.naming.PartialResultException: Unprocessed Continuation Reference(s)' error. |
Use Paged Results |
Use the LDAP control extension for simple paging of search results. Retrieves chunks of data rather than all of the search results at once. This feature may be necessary when using Microsoft Active Directory if more than 999 results are returned for any given search. |
Paged Results Size |
Enter the desired page size i.e. the maximum number of search results to be returned per page, when paged results are enabled. Defaults to 999 results. This option is available from Crowd 1.1.1. |
Base DN |
Enter the root distinguished name to use when running queries versus the directory server, e.g.: o=acmecorp,c=com. |
User DN |
Distinguished name of the user that Crowd will use when connecting to the directory server. |
Password |
The password that Crowd will use when connecting to the directory server. |
Configuration notes for Microsoft Active Directory
Active Directory Attribute Example |
Value |
Base DN |
cn=users,dc=ad,dc=acmecorp,dc=com |
User DN |
administrator@ad.acmecorp.com |
For Microsoft Active Directory, specify the Base DN in the following format: dc=domain1,dc=local. You will need to replace the domain1 and local for your specific configuration. Microsoft Server provides a tool called ldp.exe which is useful for finding out and configuring the the LDAP structure of your server.
The URL for Microsoft Active Directory should be in the following format: ldap://domainname.
 | Configuring an SSL Certificate for Microsoft Active Directory
If you wish to use Crowd to add users or change passwords in Microsoft Active Directory, you will need to install an SSL certificated generated by your Active Directory server and then install the certificate into your JVM keystore. Please read the instructions: Configuring an SSL Certificate for Microsoft Active Directory. |
Next Step
Go back to Configuring an LDAP Directory Connector
RELATED TOPICS
Crowd Documentation
|