Configure the following settings.
When completing this configuration, click:
- Test the connection to check the connection settings.
- Test authentication to check the authentication settings.
Connection URL
The URL of the LDAP server – for example:
ldap://ldap.example.com:389Enable StartTLS
Whether to enable StartTLS.
Option | Description |
|---|---|
On | Enable StartTLS so that plain LDAP connections are updated to secure ones |
Off | Disable StartTLS |
Use Truststore SPI
The truststore for SSL/TLS certificate validation.
Option | Truststore |
|---|---|
Always | The internal truststore |
Always | A JVM truststore |
Connection pooling
Whether to reuse LDAP connections.
Option | Description |
|---|---|
On | Reuse LDAP connections instead of creating a new one for each request. This option creates a new connection for each request. |
Off | Create a new connection for each request. |
Connection timeout
The maximum waiting time (in milliseconds) to establish a connection to LDAP.
Bind type
The mechanism for authenticating on the LDAP server.
Option | Mechanism |
|---|---|
Simple | DN (Distinguished Name) and password for authentication |
SASL | SASL mechanisms (more secure) |
Bind DN
The account to connect and perform operations in the LDAP server – for example:
cn=admin,dc=example,dc=comThe selected account must have sufficient privileges to read user attributes and to write changes (if synchronization is enabled).
Bind credentials
The password for the Bind DN account.
Store this password securely and periodically rotate it.