Password Synchronization with AD LDS Server
Steps to configure AD LDS Server with ADSelfService Plus
Important: Install the Password Sync Agent to synchronize native password changes and resets.
- Log in to the ADSelfService Plus admin console with admin credentials.
- Navigate to Configuration → Self-Service → Password Sync/Single Sign On.
- Select the AD LDS Server application.
  Note: You can also find the AD LDS Server application using the search bar in the left pane or the alphabetical navigation option in the right pane.
- Enter the Application Name and Description.
- In the Assign Policies field, select the policies for which password sync needs to be enabled.
  Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
- Select Enable Password Sync.
- Enter the System Name / IP Address.
- Enter the Domain Name of the AD LDS Server in distinguished name format. For example, dc=example,dc=com.
- Enter the User Name of the AD LDS Server. This may be an AD DS (Active Directory Domain Services) user or an AD LDS user. An AD DS user name can be in either sAMAccountName or NetBIOSDomainName\sAMAccountName format. An AD LDS user name must be in distinguished name format. For example, cn=directory_manager,dc=example,dc=com.
- Enter the Password of the AD LDS Server.
  Note: The username and password must belong to the administrator account of the server on which AD LDS is installed.
- Enter the LDAP and LDAP SSL port numbers of the AD LDS Server (the default LDAP port is 50000 and the default LDAP SSL port is 50001).
- If the User Name is an AD LDS user, SSL must be enabled on the AD LDS service for password changes to work in ADSelfService Plus.
- Click Add Application.
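
A pre-flight check for the values entered in the steps above, as an added example that is not part of ADSelfService Plus or the original page. It applies the page's format rules (Domain Name as a distinguished name; User Name as sAMAccountName, NetBIOSDomainName\sAMAccountName, or a distinguished name) and flags an AD LDS user when SSL is not enabled. The function names, the `ssl_enabled` flag and the simplified DN parsing are assumptions.

```python
import re

# Simplified RDN check (assumption): attr=value with no escaped commas or
# multi-valued RDNs. Enough for names like dc=example,dc=com.
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=+]+$")

# Characters that Active Directory does not allow in a sAMAccountName.
_SAM = r'[^"/\\\[\]:;|=,+*?<>\s]+'


def is_dn(value):
    """True if value looks like a distinguished name (simplified check)."""
    parts = [p.strip() for p in value.split(",")]
    return all(_RDN.match(p) for p in parts)


def classify_user(user_name):
    """'ad-lds' for a DN, 'ad-ds' for sAMAccountName or NETBIOS\\sAMAccountName."""
    if is_dn(user_name):
        return "ad-lds"
    if re.fullmatch(rf"(?:[^\\/\s]+\\)?{_SAM}", user_name):
        return "ad-ds"
    return None


def preflight(domain_name, user_name, ssl_enabled):
    """Return (user_kind, problems) for the values typed into the form.

    ssl_enabled is a hypothetical flag: whether LDAP over SSL is enabled on
    the AD LDS instance (default LDAP SSL port on the page: 50001).
    """
    problems = []
    if not is_dn(domain_name):
        problems.append("Domain Name must be a DN, e.g. dc=example,dc=com")
    kind = classify_user(user_name)
    if kind is None:
        problems.append("User Name must be sAMAccountName, "
                        "NetBIOSDomainName\\sAMAccountName, or a DN")
    elif kind == "ad-lds" and not ssl_enabled:
        problems.append("AD LDS (DN) user requires SSL on the AD LDS service")
    return kind, problems


if __name__ == "__main__":
    # Constructed sample values, based on the examples in the steps above.
    print(preflight("dc=example,dc=com",
                    "cn=directory_manager,dc=example,dc=com", False))
```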