Skip to main content
Druva Documentation

Register your AD/LDAP

inSync Private Cloud Editions: File:/tick.png Elite File:/tick.png Enterprise

Overview

If you want to use Active Directory (AD)/LDAP to manage your inSync users, you must first register that AD/LDAP. inSync Master requires read-only access to your AD/LDAP so that it can fetch the user details that it requires from your AD/LDAP. You can register either of the following: 

  • The global catalog server of your AD/LDAP. Registering a global catalog server is advantageous for organizations that have geographically-distributed offices. This allows you to import users from different domains to the same profile. 
  • The domain controller of your AD/LDAP. Registering a domain controller is advantageous for smaller organizations that have only one office.

Before you begin

Before you begin, ensure that you have the following information about your AD/LDAP:

  • The host name of the server where the Global Catalog server or the domain controller of the AD/LDAP is available.
  • The user name and password to access the AD/LDAP. Only read access to your AD/LDAP is required.  
  • The port number to access the AD/LDAP.

Register your AD/LDAP

To register your AD/LDAP with inSync Master

  1. On the inSync Management Console menu bar, click Manage > Deployments > AD/LDAP. AD/LDAP page appears.
  2. Click the Accounts tab. List of all the registered AD/LDAP Accounts is displayed.
  3. Click Register AD/LDAP Account. The Register AD/LDAP Account window appears.
  4. Provide the appropriate information for each field: 
    Field  Description
    Directory Service Type

    Select the directory service type that you want to register with inSync Cloud. Available directory service types are as follows:

    Microsoft AD LDAP (others), are other services using LDAP protocol, including OpenLDAP - an open-source implementation.
    Host Type the host name of the server where the global catalog or the domain controller is available.
    Port

    Type the port number required to access your AD/LDAP.  

    If you are registering the AD/LDAP by using its domain controller details, you must use 636 as the port number for a secure connection or 389 as the port number for a non-secure connection.

    If you are registering the AD/LDAP by using Global Catalog server details, you must use 3289 as the port number for a secure connection or 3268 as the port number for a non-secure connection.

    Use secure connection If you want to access your AD/LDAP through an HTTPS connection, select this check box.
    Username Type the user name to access your AD/LDAP. Only read access to your AD/LDAP is required.  
    Password Type the password required to access your AD/LDAP.
    If you are registering LDAP as the Directory Service, you must enter the following Attribute Mapping details.
    Email Type the LDAP attribute for email, that should map to inSync email address.
    inSync Username Type the LDAP attribute that should map to inSync username.
    Logon Name This is the distinguished name of the user. This is used as username for LDAP based authentication.

    Unique Identifier

    Note: This feature is available with On-Premise 5.9.7 and above.

    Type the LDAP attribute for the unique identifier for inSync. inSync administrators can configure a custom attribute for LDAP that allows them to integrate custom LDAP integration with inSync. inSync identifies users based on this custom unique identifier to auto-import users, update user details, and auto preserve users. 

    By default, this field is not enabled. To enable it, contact Druva Support.

  5. Click Ok.
    The AD/LDAP is registered with inSync Master.

Update the registration information for your AD/LDAP

To update the registration information for your AD/LDAP

  1. On the inSync Management Console menu bar, click Manage > Deployments > AD/LDAP. AD/LDAP page appears.
  2. Click the Accounts tab. List of all the registered AD/LDAP Accounts is displayed.
  3. In the Registered AD/LDAP Accounts area, click the AD/LDAP for which you want to update the registration information, and then click Edit. The Edit AD/LDAP Account window appears.
  4. Update the AD/LDAP information as required.
  5. Click Ok.

Remove your AD/LDAP registration from inSync

When you no longer want to use your AD/LDAP with inSync, you can remove your AD/LDAP registration from inSync.

To remove your AD/LDAP registration from inSync

  1. On the inSync Management Console menu bar, click Manage > Deployments > AD/LDAP. AD/LDAP page appears.
  2. Click the Accounts tab. List of all the registered AD/LDAP Accounts is displayed.
  3. In the Registered AD/LDAP Accounts area, click the AD/LDAP that you want to remove, and then click Delete.
  • Was this article helpful?