How can I sync with Microsoft Active Directory/LDAP services?
Active Directory/LDAP addon allows to sync a Microsoft Active Directory/LDAP service to our plugins. The syncing operation is currently from Microsoft Active Directory/LDAP service to WordPress. In other words, any WordPress changes or additions are not synced back with Microsoft Active Directory/LDAP service.
To be able to perform a successful sync operation, you must:
- Connect to a Microsoft Active Directory/LDAP service
- Create and save a mapping between the plugin fields and Microsoft Active Directory/LDAP service fields
- Set update and removal policy
- Start syncing on demand or enable WP Cron and set syncing frequency
The following provides information on the fields which you can use to create and maintain a syncing operation.
Active Directory/LDAP Connection Parameters
The fields below need to be provided to successfully connect to Microsoft Active Directory/LDAP servers.
|Host/Domain Controller(s)||Separate with semicolons, e.g. "dc1.company.local;dc2.company.local". The first domain controller is used by default. All other DCs are only used if first one failed to connect or failed to authenticate the user.|
|Port||Default port for non-secure LDAP is 389|
|Use TLS||Secure the connection between WordPress and AD/LDAP servers using TLS.|
|Network Timeout||Time in seconds after connection attempt to AD/LDAP server times out. Defaults to 5.|
|Base DN||Base DN (e.g. "dc=domain,dc=tld"). The top level of the AD/LDAP directory tree is the base, referred to as the "base DN". This option is to define the highest level of the AD/LDAP search scope.|
|Connection Account||This name can be one of the following: |
|Connection Password||The password for the connection account.|
|You must enable PHP LDAP support to connect to your Active Directory or LDAP server. Members of the groups selected here will be imported.|
|Default WP Author||The default WordPress user which will be used in import operation.|
Data Mapping Rules
The fields below need to be provided to successfully sync data between Microsoft Active Directory/LDAP servers and the supporting plugin.
|Employee No||This field must be mapped to a unique identifier an employee record in Active Directory/LDAP. In other words, the duplicate values are not allowed in this field.|
|Title||This field corresponds to a field which maps to the full name of an employee in Active Directory/LDAP|
|WP Author||This field must be mapped to a field which corresponds to a WordPress user name if employees are allowed to update their own profile information. Otherwise, it recommended to create a system WordPress user and user that user name.|
Data Integration Rules
The data integration rules how Active Directory/LDAP fields will be merged.
|Enable Updates||If this field is not checked existing records are not updated. Updates are performed based on the unique fields. If the unique field does not exist in WordPress a new record is created. The new value is ignored if it is blank or null.|
Defines the removal policy for the records not existing in AD/LDAP Service. The available options are;
Set how often you want to perform import from AD/LDAP service. WP Cron must be enabled. The available options are;
You can also trigger a data sync using by pressing the Import Now button. You must save import configuration before clicking on this button.