LDAP Operations Performed During Sync

The following LDAP operations are performed during user and group synchronization from any LDAP directory.

  • Bind operation to authenticate clients (and the applications or users behind them) to the LDAP directory server. The LDAP tool supports simple bind authentication, in which the client either binds by providing a Distinguished Name (DN) and a password or anonymously (with an empty bind DN and an empty password). Unauthenticated binds, wherein a DN is provided with an empty password, are also allowed. Simple Authentication and Secure Layer (SASL) bind authentication is not supported.

  • Search operation to retrieve LDAP directory user and group information that matches the provided search criteria. The LDAP tool will perform an LDAP search for each URI specified. The search can be customized using query filters, user and group attributes, and the search base itself.