Settings for Active Directory
This topic describes how to configure a new Active Directory connection in DataSync.
The Active Directory connector only supports the Truncate and Load option for running extractions.
To configure the connection:
-
In DataSync, create a new source connection for Active Directory.
-
Fill out the fields described below in the Connection Properties panel.
-
Click Save.
Setting | Description |
---|---|
Connection Properties | |
Description | Enter a name for the source connection. |
Server | Specify the Active Directory server's fully qualified domain name (FQDN). For example: ADServer.mydomain.local. |
Port | The port the Active Directory server is running on. The default port is 389. If you enable TLS/SSL below, set the port to 636. |
Enable Active Directory over TLS/SSL |
Select this option to enable SSL/TLS to connect to the Active Directory server. |
Username | The distinguished name of a user. For example: DOMAIN\\BobF. |
Password | The password for the specified user. |
Search Base |
The base portion of the distinguished name and the starting at point at which the Active Directory server will be queried. It can be set to the root directory or a specific subtree. For example: DC=mydomain,DC=local or OU=Users,OU=Canada,DC=mydomain,DC=local |
Maximum number of records | The maximum number of records returned. To configure no limits, set to -1. |
Scope |
Determines what scope a search will be limited to:
|
Follow Referrals | Specifies whether or not to follow referrals returned by the Active Directory server. |
FriendlyGUID |
Determines whether GUID attributes such as objectGUID are returned as binary objects or converted into a human readable string such as 708d9374-d64a-49b2-97ea-489ddc717703.
|
FriendlySID |
This field determines whether SID attributes such as objectSID are returned as binary objects or converted into a human readable string such as S-1-5-21-4272240814-246508344-1325542772-12464.
|
Additional Connection Properties | |
SSLServerCert |
If you are using a TLS/SSL connection, this property can be used to specify the TLS/SSL certificate to be accepted from the server. Any other certificate that is not trusted by the machine is rejected. If not specified, any certificate trusted by the machine is accepted. Note: You can use * to accept all certificates. However, this is not recommended due to security concerns. Example
Here is a shortened example of PEM certificate: -----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE----- Example
Here is an example of path to a local file containing the certificate: C:\cert.cer Example
Here is a shortened example of public key: -----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY----- Example
Here is an example of MD5 thumbprint (hexadecimal values can also be either space- or colon-separated): ecadbdda5a1529c58a1e9e09828d70e4 Example
Here is an example of SHA1 thumbprint (hexadecimal values can also be either space- or colon-separated): 34a929226ae0819f2ec14b4a3d904f801cbb150d |
AuthMechanism |
The authentication mechanism to be used when connecting to the Active Directory server.
|