| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
AD Lightweight Directory Service (AD LDS) is a lighter version of Active Directory Domain Services that provides the means to maintain extranet directories separate from your Active Directory, create information consolidation stores, and authenticate web users with LDAP-based authentication. EmpowerID manages AD LDS in the same way that it manages an Active Directory account store.
To createCreate an account store for AD LDS
In the navigation sidebar, expand Admin > Applications and Directories and then click Account Stores and Systems.
On the Account Stores page, click Create Account Store.
Under System Types, search for LDS.
Click Active Directory LDS (ADAM) to select the type and then click Submit.
On the ADAM Settings page that appears, fill in the following information:
Name and Display — Enter a name for the account store
AD LDS Server — Enter the name of the Active Directory LDS server and the port number if other than 389. The format is Server Name:Port Number.
If you are using LDAPS, type the Subject name of the certificate for the domain controller to which you are connecting followed by port 636 in the FQDN of Forest field. Thus, if the Subject name is "dc01.eiddoc.com," you enter dc01.eiddoc.com:636.Partition Suffix — Enter the partition suffix, for example: CN=PROD,DC=TheDotNetFactory,DC=COM
Domain — Leave blank if using a native AD LDS user account or enter the name of the domain that the server hosting the AD LDS instance is a member of, e.g., PROD
User Name — Enter the AD Account or the distinguished name of the AD LDS account, such as CN=Directory Manager,CN=Roles,DC=MyCompanyLDS,Dc=Com
Password — Enter connection credentials that EmpowerID can use to manage AD LDS.
Is Remote (Requires Cloud Gateway) — This setting appears for account stores with local directories, such as Active Directory, LDAP, SAP, etc. When enabled, this tells EmpowerID to use the Cloud Gateway Connection for that account store. The Cloud Gateway Connection must be installed on an on-premise machine. For installation information, please see Installing the EmpowerID Cloud Gateway Client.
When ready click Submit to create the account store.
EmpowerID creates the account store and the associated resource system. The next step is to configure attribute flow between the account store and EmpowerID.
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
Now that the attribute flow has been set, the next steps include configuring the account store and enabling EmpowerID to inventory it.
To configureConfigure account store settings
On the Account Store and Resource System page, click the Account Store tab and then click the pencil icon to put the account store in edit mode.
This opens the edit page for the account store. This page allows you to specify the account proxy used to connect EmpowerID to your AD LDS instance as well as how you want EmpowerID to handle the user information it discovers in AD LDS during inventory. Settings that can be edited are described in the table below the image.
Insert excerpt IL:Account Store Settings IL:Account Store Settings nopanel true Edit the account store as needed and then click Save to save your changes.
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
| Tip |
|---|
EmpowerID recommends using the Account Inbox for provisioning and joining. |
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
| Div | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||
| Live Search | |||||||||||
| size | large | ||||||||||
| 2020 | IN THIS ARTICLE
| Table of Contents | ||||||||
|---|---|---|---|---|---|---|---|---|
|