Synchronizing LDAP users in System Manager

Last Updated: May 18, 2021

About this task

Use this procedure to synchronize LDAP users in System Manager.

Procedure

  1. On the System Manager web console, click Users > Directory Synchronization > Sync Users.
  2. On the User Synchronization page, on the Synchronization Datasources tab, click New.

    The New User Synchronization Datasource page opens.

  3. In the Directory Parameters section, in the Datasource Name field, enter the name to identify Active Directory.
  4. In the Host field, enter the FQDN of your LDAP server.

    Ensure that the LDAP server certificates contain a Subject Alternative Name (SAN) entry.

  5. In the Principal field, enter the LDAP login details.

    For example, myDomain\Administrator.

  6. In the Password field, enter the password for the LDAP login account that you specify.
  7. In the Port field, enter the port number as 636.
  8. In the Base Distinguished Name field, enter the LDAP details.

    For example, CN=myDomain.com,DC=myDomain,DC=com

  9. In the Search Filter field, enter the LDAP search string.

    For example, CN=Alex*.

  10. Select the Use SSL check box.
  11. Click Test Connection.
  12. In the Attribute Parameters section, click Add Mapping to add a row.
  13. From the drop-down list on the left, select cn.
  14. From the corresponding drop-down list on the right, select sourceUserKey.
  15. Click Add Mapping to add another row.
  16. From the drop-down list on the left, select mail.
  17. From the corresponding drop-down list on the right, select loginName.

    Note:

    Instead of mapping the mail field to loginName, you can map userPrincipalName to loginName, depending on the configuration of the LDAP server. For example, use userPrincipalName if the mail field is not set in the LDAP server.

  18. Click Add Mapping to add another row.
  19. From the drop-down list on the left, select givenName.
  20. From the corresponding drop-down list on the right, select surname.
  21. Click Add Mapping to add another row.
  22. From the drop-down list on the left, select givenName.
  23. From the corresponding drop-down list on the right, select givenName.
  24. Click Add Mapping to add another row.
  25. From the drop-down list on the left, select givenName.
  26. From the corresponding drop-down list on the right, select displayName.
  27. Click Save.
  28. On the User Synchronization page, click Active Synchronization Jobs.
  29. Click Create New Job.
  30. On the New User Synchronization Job page, in the Datasource Name field, select the LDAP server and click Run Job.

    Wait for the job to complete so that all LDAP users are loaded in System Manager.

  31. On the User Synchronization page, click Synchronization Job History.
  32. In the Status column, verify that the status of the job is RUNNING.

    The status changes to COMPLETED when the job is complete.
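
The following is an added example, not part of the original procedure or of System Manager: a pre-check for steps 4, 7, and 10 that reports whether the certificate served on port 636 carries a SAN entry. It goes one step beyond the page by also checking that a DNS SAN covers the Host value, on the assumption that System Manager compares the name as standard TLS clients do. The host names and sample certificates are constructed.

```python
import socket
import ssl

def fetch_peer_cert(host, port=636, cafile=None, timeout=5.0):
    """LDAPS handshake on the given port; returns the chain-validated server cert."""
    ctx = ssl.create_default_context(cafile=cafile)
    # Chain validation stays on. Name checking is done by check_san() below so a
    # mismatch is reported with a reason instead of only failing the handshake.
    ctx.check_hostname = False
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()

def dns_name_matches(pattern, host):
    """Match one dNSName; a wildcard counts only as the entire left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not p.startswith("*."):
        return p == h
    head, _, rest = h.partition(".")
    return bool(head) and rest == p[2:] and "." in rest

def check_san(cert, host):
    """Return (ok, reason) for a dict shaped like SSLSocket.getpeercert() output."""
    sans = cert.get("subjectAltName", ())
    if not sans:
        return False, "certificate has no SAN entry"
    dns = [value for kind, value in sans if kind == "DNS"]
    if any(dns_name_matches(name, host) for name in dns):
        return True, "SAN covers " + host
    listed = ", ".join(dns) or "no DNS names"
    return False, "SAN present but does not cover %s (%s)" % (host, listed)

# Constructed samples in the shape getpeercert() returns.
SAMPLE_OK = {"subject": ((("commonName", "dc1.mydomain.com"),),),
             "subjectAltName": (("DNS", "dc1.mydomain.com"), ("DNS", "mydomain.com"))}
SAMPLE_CN_ONLY = {"subject": ((("commonName", "dc1.mydomain.com"),),)}
SAMPLE_WILDCARD = {"subjectAltName": (("DNS", "*.mydomain.com"),)}

if __name__ == "__main__":
    samples = [("ok", SAMPLE_OK), ("cn-only", SAMPLE_CN_ONLY), ("wildcard", SAMPLE_WILDCARD)]
    for label, cert in samples:
        print(label, check_san(cert, "dc1.mydomain.com"))
    # Against a live server (hypothetical host and CA file):
    # print(check_san(fetch_peer_cert("dc1.mydomain.com", cafile="ca.pem"), "dc1.mydomain.com"))
```

A failure from `fetch_peer_cert` itself means the certificate chain is not trusted by the CA file supplied, which is a separate problem from a missing SAN.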