Resolver name

Server URI

Pooling strategy

STARTTLS

Use STARTTLS on a plain LDAP connection usually on port 389.

TLS Version

Verify TLS

Verify the TLS certificate of the server.

The file containing the CA certificate which signed the LDAP TLS certificate.

Base DN

Scope

Bind Type

Bind DN

Bind Password Keyfile Path

Timeout (seconds)

Cache Timeout (seconds)

Size Limit

Server pool retry rounds

Server pool skip timeout (seconds)

Per-process server pool

This setting activates a LDAP server pool that is persisted between requests.

Edit user store

The user data in this database can be modified from within privacyIDEA.

Object classes of a new created user object DN of a new created user object

Loginname Attribute

Search Filter

Attribute mapping

Multivalue Attributes

UID Type

Recursive Search of User Groups

Base DN of User Groups

Enter the base DN for the user groups. Leave this field empty if the groups are located in the same base DN as defined for the users above.

Search Filter for User Groups

Filter to get the groups of a single user. Possible tags: {base_dn} (from the users), {username}, and all attribute mapping keys.

Group Name Attribute

The group attribute defining the group's name, which should be stored in the user info.

User Info Key

The key to store the groups in the user info (attribute mapping key).

No anonymous referral chasing

No retrieval of schema information

Edit LDAP Resolver {{ resolvername }}

Create a new LDAP Resolver