Last modified by MammaMia - 6 months ago

How can I sync with Microsoft Active Directory/LDAP services?

The Active Directory/LDAP addon lets you sync a Microsoft Active Directory/LDAP service to our plugins. Syncing is currently one-way, from the Microsoft Active Directory/LDAP service to WordPress. In other words, changes or additions made in WordPress are not synced back to the Microsoft Active Directory/LDAP service.

To be able to perform a successful sync operation, you must:

  • Connect to a Microsoft Active Directory/LDAP service
  • Create and save a mapping between the plugin fields and Microsoft Active Directory/LDAP service fields
  • Set update and removal policy
  • Start syncing on demand or enable WP Cron and set syncing frequency

The following provides information on the fields which you can use to create and maintain a syncing operation.

Active Directory/LDAP Connection Parameters

The fields below need to be provided to successfully connect to Microsoft Active Directory/LDAP servers.

Host/Domain Controller(s): Separate with semicolons, e.g. "dc1.company.local;dc2.company.local". The first domain controller is used by default. All other DCs are only used if the first one fails to connect or fails to authenticate the user.
Port: Default port for non-secure LDAP is 389.
Use TLS: Secure the connection between WordPress and AD/LDAP servers using TLS.
Network Timeout: Time in seconds after which a connection attempt to the AD/LDAP server times out. Defaults to 5.
Base DN: Base DN (e.g. "dc=domain,dc=tld"). The top level of the AD/LDAP directory tree is the base, referred to as the "base DN". This option defines the highest level of the AD/LDAP search scope.
Connection Account: This name can be one of the following:
  • Distinguished Name, such as cn=Joe Admin, cn=users, dc=mycompany, dc=com
  • User Principal Name, such as [email protected]
  • Down-level Logon Name, such as DOMAIN\jadmin
  • Default Domain, where the Connection Account name is admin
Connection Password: The password for the connection account.
You must enable PHP LDAP support to connect to your Active Directory or LDAP server. Members of the groups selected here will be imported.
Default WP Author: The default WordPress user which will be used in the import operation.
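
A pre-flight check for the connection parameters above, run from the PHP CLI on the WordPress host. This is an added example, not the addon's own code; it assumes "Use TLS" means StartTLS on the configured port, and the host names, account and the LDAP_BIND_PASSWORD environment variable are constructed placeholders.

```php
<?php
// Added example: checks the connection parameters outside the plugin.
// Every value below is a constructed placeholder; replace with your own.
$hosts    = 'dc1.company.local;dc2.company.local'; // Host/Domain Controller(s)
$port     = 389;                                   // Port
$useTls   = true;                                  // Use TLS (assumed: StartTLS)
$timeout  = 5;                                     // Network Timeout, in seconds
$baseDn   = 'dc=domain,dc=tld';                    // Base DN
$account  = 'DOMAIN\\jadmin';                      // Connection Account
$password = getenv('LDAP_BIND_PASSWORD') ?: '';    // Connection Password, kept out of the file

function fail(string $msg): void { fwrite(STDERR, $msg . "\n"); exit(1); }

if (!extension_loaded('ldap')) fail('PHP LDAP support is not enabled');
// An empty password makes the bind anonymous, which can "succeed" without proving anything.
if ($password === '') fail('Set LDAP_BIND_PASSWORD before running');
// Require a certificate that validates; this global option must be set before connecting.
if ($useTls) ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

foreach (array_filter(array_map('trim', explode(';', $hosts))) as $host) {
    $conn = ldap_connect("ldap://{$host}:{$port}");
    if ($conn === false) { echo "{$host}: invalid host or port\n"; continue; }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, $timeout);
    // Upgrade to TLS before binding so the password is never sent in clear text.
    if ($useTls && !@ldap_start_tls($conn)) {
        echo "{$host}: StartTLS failed: " . ldap_error($conn) . "\n";
        continue; // fall through to the next domain controller
    }
    if (!@ldap_bind($conn, $account, $password)) {
        echo "{$host}: bind failed: " . ldap_error($conn) . "\n";
        continue;
    }
    // Read only the base entry to confirm the Base DN exists and is readable.
    $ok = @ldap_read($conn, $baseDn, '(objectClass=*)', ['dn']);
    echo $ok ? "{$host}: bound over " . ($useTls ? 'TLS' : 'plain LDAP') . ", Base DN readable\n"
             : "{$host}: bound, but Base DN not readable: " . ldap_error($conn) . "\n";
    ldap_unbind($conn);
    exit(0);
}
fail('No domain controller accepted the connection');
```

A StartTLS or bind failure on the first domain controller moves on to the next one, matching the failover order described for the Host/Domain Controller(s) field.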

 

Data Mapping Rules

The fields below need to be provided to successfully sync data between Microsoft Active Directory/LDAP servers and the supporting plugin.

Employee No: This field must be mapped to a unique identifier of an employee record in Active Directory/LDAP. In other words, duplicate values are not allowed in this field.
Title: This field corresponds to a field which maps to the full name of an employee in Active Directory/LDAP.
WP Author: This field must be mapped to a field which corresponds to a WordPress user name if employees are allowed to update their own profile information. Otherwise, it is recommended to create a system WordPress user and use that user name.

 

Data Integration Rules

The data integration rules define how Active Directory/LDAP fields will be merged.

Enable Updates: If this field is not checked, existing records are not updated. Updates are performed based on the unique fields. If the unique field does not exist in WordPress, a new record is created. The new value is ignored if it is blank or null.
Record Removal

Defines the removal policy for records that no longer exist in the AD/LDAP service. The available options are:

  • Do not remove: Do not delete employee record if the same record is deleted from Active Directory/LDAP server.
  • Move records to trash: Transfer a record to WordPress trash folder if the same record is deleted from Active Directory/LDAP server.
  • Permanent remove: Delete a record from WordPress if the same record is deleted from Active Directory/LDAP server.
Import Frequency

Set how often you want to perform an import from the AD/LDAP service. WP Cron must be enabled. The available options are:

  • Do not use scheduled imports
  • Once weekly
  • Daily
  • Twice daily
  • Hourly
  • Twice per Hour
  • Every 10 minutes
  • Every 5 minutes

You can also trigger a data sync by pressing the Import Now button. You must save the import configuration before clicking this button.
