Active Directory & LDAP Configuration

Configure enterprise directory integration for single sign-on and user provisioning

LDAP Status: Disabled — Enable below to activate directory integration

Connection Settings

Enable LDAP / Active Directory Authentication

LDAP Host / Domain Controller

Use ldap:// for standard or ldaps:// for SSL connections.

Port

Standard: 389, SSL: 636

Encryption

Bind & Search Configuration

The service account is used to search the directory for users during authentication. It should have read-only access to the user directory.

Base DN (Distinguished Name)

The root of your directory tree to search for users.

Service Account DN (Search DN)

Service Account Password

UID Attribute Key

AD: sAMAccountName, OpenLDAP: uid

User Search Filter

Use {uid_key} and {username} as placeholders.

Group-to-Role Mapping

Enable Group-to-Role Mapping

Map Active Directory security groups to BizSync360 application roles.

Admin Group DN

Members get ROLE_ADMIN

Standard User Group DN

Members get ROLE_USER

User Provisioning & Sync

Auto-Provision Users on First Login

Automatically create BizSync360 user accounts when users authenticate via LDAP for the first time.

Sync Interval (minutes)

How often to sync user attributes from the directory.

Actions

AD Quick Reference

Default Port	389 (LDAP), 636 (LDAPS)
AD UID Key	`sAMAccountName`
OpenLDAP UID	`uid`
User Filter	`(&(objectClass=user)(sAMAccountName={username}))`
Group Filter	`(&(objectClass=group)(member={user_dn}))`

Architecture

User Login

Symfony Security

LDAP Provider

Active Directory / LDAP Server