Destination Tab Configuration: Standard LDAP Directories

2019-08-15 13:09:11
AD LDS ADAM Active Directory Office 365 UnitySync 

LDAP directories include Active Directory, AD LDS, Office 365, Notes, etc. The following configuration items may be available on the UnitySync Destination tab for a standard LDAP directory. If an LDAP directory does not support a particular function, the related UnitySync option will not appear on the tab. The example below shows an ActiveDir to ActiveDir-Contact (Mail-Enabled) connection.

LDAP Connection Information

IP/DNS: IP address OR host name of the Destination system.

PORT: The LDAP port configured in your Destination directory. LDAP typically uses port 389, but this can be set to any valid TCP/IP port the Destination server is listening on. For an Active Directory Destination, you MUST specify a Domain Controller port; writing to the Global Catalog port is not permitted. Microsoft replication will take care of updating the entire Forest via the Global Catalogs.

SSL: The SSL parameter can be used to set the port, and may enable additional functionality.

  • No: (default) sets standard port (389), no encryption

  • StartTLS: allows encryption over standard non-encrypted port (389)

  • SSL/TLS - Basic: sets SSL standard port (636), enables encryption but not expiration checking of certificates.

  • SSL/TLS - Expiration Check: sets SSL port (636), enables encryption and expiration checking of certificates.

  • CA Cert: This option is available if either SSL option is enabled. Select the appropriate CA Cert from the drop-down box. At sync time, the SSL certificate is validated against the CA Cert to confirm it was generated by the same Certificate Authority. This requires the appropriate CA Cert to exist in the …\UnitySync-v#\global\ssl directory. See the end of this section for more information on CA Cert Requirements.

ID: The DN of an administrative account. This is required when using Active Directory, because Microsoft directory types require an Administrative Login when creating objects. For all other directory types, this can be left blank for anonymous access. To place special permissions on this account, refer to Prepare Directory Servers: Active Directory.

PASSWORD: The password that corresponds to the Logon ID specified.

SSL CA Cert Requirements

The SSL CA Cert Validation function is available when any SSL option is enabled (Yes-Basic or Yes-Expiration Checking). The following CA Certificate configuration is required before the option will display the CA Certs in the LDAP Configuration Info section of your connection:

  • A CA Cert must be obtained from the appropriate Certificate Authority.
  • The CA Cert must be Base64-encoded X.509 (.cer)
  • The CA Cert must be copied into the …\UnitySync-v#\Global\SSL directory on your UnitySync server
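
A pre-flight check for a CA Cert file before it is copied into the SSL directory, as an added example (not UnitySync code). It uses Python's standard `ssl` module to confirm the file is Base64 (PEM) rather than binary DER, parses as X.509, is treated as a CA certificate by OpenSSL, and is inside its validity period. The function name `check_ca_cert` and the sample inputs are constructed for illustration.

```python
import base64
import re
import ssl
from datetime import datetime, timezone

PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def check_ca_cert(data, now=None):
    """Return a list of problems in a .cer file's bytes ([] = none found)."""
    now = now or datetime.now(timezone.utc)
    match = PEM_BLOCK.search(data)
    if match is None:
        # Binary DER exports also use .cer; they start with ASN.1 SEQUENCE (0x30).
        if data[:1] == b"\x30":
            return ["DER (binary) encoding: re-export as Base64-encoded X.509"]
        return ["no BEGIN/END CERTIFICATE block found"]
    try:
        der = base64.b64decode(b"".join(match.group(1).split()), validate=True)
    except ValueError:
        return ["certificate body is not valid Base64"]
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.load_verify_locations(cadata=der)  # bytes are parsed as DER X.509
    except (ssl.SSLError, ValueError):
        return ["Base64 body does not decode to an X.509 certificate"]
    certs = ctx.get_ca_certs()  # lists only certificates OpenSSL treats as CAs
    if not certs:
        return ["parsed, but OpenSSL does not treat it as a CA certificate"]
    cert, problems = certs[0], []
    if now.timestamp() < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid: notBefore " + cert["notBefore"])
    if now.timestamp() >= ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired: notAfter " + cert["notAfter"])
    return problems


# Constructed sample inputs (not real certificates).
DER_LIKE = b"\x30\x82\x03\x00" + bytes(16)
BAD_BODY = (b"-----BEGIN CERTIFICATE-----\n"
            + base64.b64encode(b"constructed bytes, not a certificate")
            + b"\n-----END CERTIFICATE-----\n")
BAD_B64 = b"-----BEGIN CERTIFICATE-----\n@@@@\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    for name, sample in [("DER_LIKE", DER_LIKE), ("BAD_BODY", BAD_BODY),
                         ("BAD_B64", BAD_B64)]:
        print(name, check_ca_cert(sample))
```

For a real file, read it with `open(path, "rb").read()` and pass the bytes to `check_ca_cert`; an empty list means none of these checks failed.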
