Active Directory
The Active Directory Connector uses an enterprise Active Directory directory service to provide attributes used for:
- migrating user profile information from legacy to cloud identity systems,
- adding HTTP headers consumed by on-premises applications, or
- maintaining state for user sessions as they move across identity systems and applications.
Configuration options
The following values can be provided to the Active Directory connector via the Maverics configuration file.
URL
url is the URL, or list of URLs, of the Active Directory server(s) that Maverics connects to. Both a single URL and a list of URLs are supported. When multiple URLs are provided, a round-robin load balancing scheme is used to distribute traffic.
Service Account Username
serviceAccountUsername is the username used to connect to the Active Directory server.
Service Account Password
serviceAccountPassword is the password used to connect to the Active Directory server.
Base DN
baseDN specifies the location in which to perform the Active Directory search.
Username Search Key
usernameSearchKey is the search key to filter on when searching for a user.
Attribute Delimiter
attributeDelimiter is the delimiter used to separate multi-valued attributes. This is an optional field and is only necessary if an attribute is multi-valued. If no value is provided, a default of "," will be used for the delimiter.
Examples
Sample Active Directory Connector Configuration
connectors:
  - name: ad-example
    type: activedirectory
    # A list of servers; traffic is distributed round-robin.
    url:
      - "ldap://node1.ldap.com"
      - "ldap://node2.ldap.com"
    baseDN: ou=People,o=Example,c=US
    serviceAccountUsername: uid=admin,ou=Admins,o=Example,c=US
    serviceAccountPassword: password
    usernameSearchKey: uid
    # Overrides the default "," delimiter for multi-valued attributes.
    attributeDelimiter: ^
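
The attributeDelimiter choice matters when a multi-valued attribute holding distinguished names (memberOf, for instance) is flattened into one header value that an application later splits: the names contain commas, so the default "," cannot be split back reliably. The Python sketch below is an added example, not Maverics code. It assumes values are joined with the delimiter unescaped, and its function names and sample group DNs are constructed for illustration.

```python
"""Added example: delimiter collisions when flattening multi-valued attributes."""

DEFAULT_DELIMITER = ","  # default stated in the connector documentation


def flatten(values, delimiter=DEFAULT_DELIMITER):
    # Assumption: the values are joined with the delimiter, with no escaping.
    return delimiter.join(values)


def round_trips(values, delimiter=DEFAULT_DELIMITER):
    """True if a consumer splitting on the delimiter recovers the original values."""
    joined = flatten(values, delimiter)
    parts = joined.split(delimiter) if joined else []
    return parts == list(values)


def colliding_values(values, delimiter=DEFAULT_DELIMITER):
    """Values that already contain the delimiter and would be split apart."""
    return [v for v in values if delimiter in v]


def pick_delimiter(values, candidates=("^", "|", ";", ",")):
    """First candidate that appears in none of the values, or None if all collide."""
    for cand in candidates:
        if not colliding_values(values, cand):
            return cand
    return None


# Constructed sample: memberOf holds distinguished names, which contain commas.
MEMBER_OF = [
    "CN=Finance,OU=Groups,DC=example,DC=com",
    "CN=VPN Users,OU=Groups,DC=example,DC=com",
]

if __name__ == "__main__":
    for delim in (",", "^"):
        joined = flatten(MEMBER_OF, delim)
        print(f"delimiter {delim!r}: {joined}")
        print(f"  consumer sees {len(joined.split(delim))} values, "
              f"round-trips: {round_trips(MEMBER_OF, delim)}")
    print("suggested delimiter:", pick_delimiter(MEMBER_OF))
```

Running a check like this against real attribute values before settling on a delimiter shows whether an application that splits the header would see the same group list the directory returned.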