Company Synchronization (LDAP)

LDAP synchronization is used for downloading users and user changes from an external LDAP system. The user data include user name, user ID, card identifiers, PIN/QR code, photo, e-mail address, phone number, password and login, vehicle license plates.

Note|/-/media/Images/Manuals/css/note.png Note

Refer to www.ldap.com for more LDAP details.

  1. Go to Companies > Company detail > User synchronization.

  2. If no connection is set, create one.

    Complete:

    • Server Name – if DNS is set correctly, just enter the server name (WIN-9ABEB4AUOHD). If DNS is not set, enter the IP address of the server on which LDAP is running.

    • Port – the default LDAP port is 389 (w/o SSL). If you want to use encrypted connection in your company, enter port number 636. Make sure that the SSL support is enabled on the LDAP server side too. If the administrator sets another port number, make sure it is changed in Access Commander too.

    • Login Name – login name for the user with the root/tree rights. Enter the login name as “[email protected]”.

    • Password – LDAP server user password.

    • Communication Security (SSL) – it is unnecessary to rewrite the port number if SSL is disabled. It is necessary to change the port to 636 if SSL is enabled.

    • Base DN – the root point from which the directory search starts. It can be an extension or a directory root, for example: CN=administrator, CN=users, DC=domain, DC=com.

    The set LDAP connection detail opens up. Now you can test the connection settings. Press Synchronize Now to start one-time synchronization.

  3. Set Automatic synchronization on the Import card. Enabling Automatic synchronization, complete the synchronization intervals. Select the minute/time for the data to be synchronized according to the required frequency.

  4. You can assign user data to the LDAP server attributes on the Options card.

You can delete the set connection in the extended menu ikona-three-dots-acom on the Import card. Set more synchronization parameters on the Options card.

LDAP Synchronization Options

Imported Attributes – edit the scheme to assign the Access Commander data to the LDAP server attributes.

Users Removed from LDAP – define what to do with the users deleted from LDAP. You can keep or delete the users deleted from LDAP in Access Commander. Should the users removed from LDAP be disabled, their data will remain in Access Commander but will not synchronized with the devices.

Users Disabled in Active Directory – define what to do with the users disabled in the Active Directory. Access Commander can ignore the disable or delete (disable) the users disabled in the Active Directory. Once recovered in the Active Directory, the earlier deleted users are reloaded to Access Commander.

Group Synchronization – upload group assignments from LDAP to Access Commander. By setting a synchronization scheme you can set a Base DN and filter of your own to be used for group synchronization. The scheme enables synchronization for nested groups.

Avatar Synchronization – set user photo uploading from the LDAP system.

Reference Monitoring – set whether or not data from the LDAP references should be synchronized.

Nested Search – enable searching of the whole tree or, if the parameter is disabled, just the root.

Paging Enable – LDAP uses paging for extending the Simple Paged Results Control. This allows the results to be split into multiple pages, which is necessary for extensive directory services. The Page Size parameter defines the count of records per page.

Can we advise you on anything else?

Take advantage of our technical support and sales specialists.

Contact Support

Contact Sales