Destination Tab Configuration: Standard LDAP Directories

Created: 2019-07-17 11:23:53
Modified: 2023-12-06 10:28:56
Tags: Active Directory AD LDS ADAM UnitySync

LDAP directories include Active Directory, AD LDS, OpenLdap Notes, etc. The following configuration items may be available on the UnitySync Destination tab for a standard LDAP directory. If an LDAP directory does not support a particular function, the related UnitySync option will not appear on the tab. The example below shows an ActiveDir to ActiveDir-Contact (Mail-Enabled) connection.

LDAP Connection Information

IP: IP address OR hostname of the Destination system. In v4.0 and later you may specify more than one IP or hostname separated by commas to act as failover in case the first IP/hostname cannot connect.

IMPORTANT NOTE: If you are using Join or Both, your IP or hostname MUST be a GC server for failover to work properly, and the appropriate GC ports must be opened on both.

IMPORTANT NOTE: All relevant connections must use the same values/order. Otherwise, you may receive a license error as UnitySync will count all the first listed IP’s as separate directories. Say you are using 192.165.51.111 and 192.165.51.10. Hostnames for these servers are ServerA and ServerB. Each time you want to use list B as a failover for A, you want to be sure to list it the same way each time, and not use A as a failover for B. You can use either hostname or IP but please be consistent.

SSL: The SSL parameter can be used to set the port, and may enable additional functionality.

  • No Encryption: (default) sets standard port (389), no encryption

  • StartTLS: allows encryption over standard non-encrypted port (389)

  • SSL/TLS - Basic: sets SSL standard port (636), enables encryption but not expiration checking of certificates.

  • SSL/TLS - Expiration Check: sets SSL port (636), enables encryption and expiration checking of certificates.

ID: The DN of an administrative account. This is required information when using Active Directory, because Microsoft directory types require an Administrative Login when creating objects. This can be left blank for anonymous access for all others. To place special permissions on this account, refer to Prepare Directory Servers: Active Directory.

PASSWORD: The password that corresponds to the Logon ID specified.

Sync Mode: Create Only

Placement DN: Exact DN of existing destination OU where you wish to create destination objects.

i.e. Placement DN:

  OU=External Contacts,ou=Contacts,dc=domain.com

Structure Name: If no Placement DN is specified, it defaults to the root of the destination domain and a Structure Name is required. Syntax for Structure name is simply the name of the OU to sync to:

i.e. Structure Name: Outside Contacts

Without Placement DN, this will create contacts in:

  ou=External Contacts,dc=domain,dc=com

With Placement DN, the combined values are the destination OU where objects will be created. Note: If the Struct Name specified does not exist on the destination, the OU (i.e. External Contacts) will be created at sync time.

i.e. Structure Name: External Contacts

Placement DN:
ou=Contacts,dc=domain.com

The synced objects will be created in

  OU=External Contacts,ou=Contacts,dc=domain.com

Sync Mode: Join and Create/Join (aka Both)

Refer to this link for details of using features Join or Both including related features Reject on Match and Modify Attribs

Knowledgebase

Directory
  1. Directify - Self Service

  2. Mimic - Replication

  3. UnitySync - Sync
Password
  1. emPass - Sync
Obsolete
  1. Profiler
  2. SimpleSync