Examples of Microsoft Active Directory LDAP property files

Last Updated : Jun 10, 2026 |

Examples of Microsoft Active Directory LDAP configuration that uses the user ID as the account name

# Binding parameters
ldapUrl=ldaps://gdc.global.example.com:3269
bindDN=global\AADSAssistant
bindCredential=admin123
 
# Authentication parameters
uidAttrID=sAMAccountName
baseCtxDN=dc=global,dc=example,dc=com
allowEmptyPasswords=false
 
# Authorization parameters based on method #2 by searching for the groups
roleFilter=(&(objectClass=group)(member={1}))
rolesCtxDN=ou=Groups,dc=global,dc=example,dc=com
roleAttrID=cn
roleAttrIsDN=false
roleNameAttrID=
roleRecursion=false
searchScope=2
adminRole=AADSAdmin
usersRole=AADSUsers
auditorRole=AADSAuditor
 
# Internationalization parameters
language=en
 
# User management parameters
activeUsersFilter=(&(objectClass=user)(objectCategory=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
lastUpdatedTimeAttr=whenChanged

Examples of Microsoft Active Directory LDAP configuration that uses the email address as the account name

# Binding parameters
ldapUrl=ldaps://gdc.global.example.com:3269
bindDN=global\AADSAssistant
bindCredential=admin123
 
# Authentication parameters
uidAttrID=mail
baseCtxDN=dc=global,dc=example,dc=com
allowEmptyPasswords=false
 
# Authorization parameters based on method #2 by searching for the groups
roleFilter=(&(objectClass=group)(member={1}))
rolesCtxDN=ou=Groups,dc=global,dc=example,dc=com
roleAttrID=cn
roleAttrIsDN=false
roleNameAttrID=
roleRecursion=false
searchScope=2
adminRole=AADSAdmin
usersRole=AADSUsers
auditorRole=AADSAuditor
 
# Internationalization parameters
language=en
 
# User management parameters
activeUsersFilter=(&(objectClass=user)(objectCategory=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
lastUpdatedTimeAttr=whenChanged