LDAP / Active Directory Data Source
An LDAP server address, a distinguished name (DN), a password, and a Base DN need to be specified in the according fields.
Server address
The server address is given as an URL like ldap://example.com:389
or ldaps://example.com
.
Warning:
Note that only ldaps://
is encrypted via SSL/TLS (requires a trusted and valid certificate).
If no trusted certificate is installed on the LDAPS server, a CA certificate can be used to establish trust
(see ca-certs
section of the operations docs).
The default ldap ports are:
Port | Usage |
---|---|
389 | ldap (not encrypted) |
636 | ldaps (SSL/TLS encrypted) |
3368 | active directory global catalog (not encrypted) |
3269 | active directory global catalog (use for authentication) |