Active Directory

This page describes how to connect with Active Directory services.

You can connect pathfinder to an Active Directory server for authentication, user and group management.

User information includes the person's full name, username, password, email address and other personal information.

Group information includes the name of the group and the users that belong to the group.

The internal directory stores user and group information in the pathfinder database. You can also connect to external user directories.

Connecting to a Microsoft Active Directory

Admin privileges are required to configure the directory services and apply changes.

Click on test to check connectivity to the external directory.

Click on OK to save your changes.

Please see the Configuration for Active Directory table below for more information on the required fields.

When using Active Directory Autologin (SSO) can be enabled for users logged to the domain.

Connection
Host	<your_host>
Port	636 (SSL) or 389 (no SSL)
use SSL	Yes
Timeout	3000
Username	<your_binduser>@<your.domain.com>
Password	<your_password>
Autologin (SSO)
Schema settings
Base DN	dc=<your>,dc=<domain>,dc=<com>
User bind DN	{0}@<your.domain.com>
User DN	cn=Users (or cn=user or the name of your users folder)
Group DN	cn=Groups (or cn=Group or the name of your group folder)
Properties Mapping
User search string	person
Groups search string	group
User name	sAMAccountName
User First Name	givenName
User Last Name	sn
User Description	description
User Group identifier
User Groups	memberOf:1.2.840.113556.1.4.1941:
User E-Mail	mail
User Primary group ID	PrimaryGroupID
User object Sid	objectSid
GroupName	name
Group Description	description
Group Users	member:1.2.840.113556.1.4.1941:
Group identifier
Object identifier	objectGUID
Primary group token	PrimaryGroupToken
Group object Sid	objectSid

If you are not using or want to ignore nested groups membership remove :1.2.840.113556.1.4.1941: from User Groups and Group Users.