Pricing  Get Quote

Password Sync

Integrating AD LDS with Active Directory for password synchronization

Active Directory Lightweight Directory Services (AD LDS) is a Lightweight Directory Access Protocol (LDAP) directory service providing both data storage and retrieval support for directory-enabled applications. Aside from Active Directory Domain Services (AD DS), AD LDS is the only other identity provider supported by Active Directory Federation Services for authentication purposes and to supply claims to federation-aware web applications.

Password synchronization to the rescue

Many of us use a wide range of applications, and remembering the username and password for every application can be quite challenging. Thankfully, there is a solution: password synchronization. It enables users to log in to all their applications using a single username and password. This is where ADSelfService Plus comes into play.

To get started with password synchronization, configure the applications you are using in ADSelfService Plus. Once complete, whenever users change their password through ADSelfService Plus, the change will be replicated across all connected applications. The AD LDS integration with Active Directory is explained below.

How do you integrate AD LDS with Active Directory for password sync?

Follow the steps below to configure password synchronization for the AD LDS server using ADSelfService Plus. Having AD LDS synchronize with Active Directory will make password synchronization possible.

Steps to configure the AD LDS server with ADSelfService Plus

  1. Log in to the ADSelfService Plus admin console.
  2. Navigate to Application → Add New Application.
  3. Select the ADS LDS application.

    Note: You can also find the ADS LDS Server application that you need from the search bar located in the left pane, or the alphabet-wise navigation option in the right pane.

  4. Enter the Application Name and Description.
  5. In the Assign Policies field, select the policies for which password sync needs to be enabled.

    Note: ADSelfService Plus allows you to create OU- and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.

  6. Select Enable Password Sync.
  7. Enter the System Name/IP Address.
  8. Enter the Domain Name of the AD LDS server in distinguished name format. For example, dc=example, dc=com.
  9. Enter the User Name of the AD LDS server. It may be an AD DS user or an AD LDS user. The AD DS username could either be in sAMAccountName or NetBIOSDomainName\sAMAccountName format. An AD LDS username should only be in distinguished name format. For example, cn=directory_manager,dc=example,dc=com.
  10. Enter the Password of the AD LDS server.

    Note: The username and password must belong to the administrator account of the server in which AD LDS is installed.

  11. Enter the LDAP (default port for LDAP is 50000) and LDAP SSL (default port for LDAP SSL is 50001) port numbers of the AD LDS server.
  12. If you configured the username from AD LDS, SSL must be enabled in AD LDS for the password changes to work in ADSelfService Plus.
  13. Click Add Application.

Benefits at a glance

Integrating and synchronizing AD LDS with ADSelfService Plus will help IT admins:

  • Quickly implement a secure, robust, and cost-effective solution for password management.
  • Reduce a major source of help desk calls, and will help admins focus on other important tasks.
  • Extend corporate password complexity rules to AD LDS.
  • Get a real-time password change notification via SMS or email as soon as a password is changed.
  • Deploy multi-factor authentication techniques for when users try to change their passwords.

Salient features of the password synchronizer:

  • Allows AD passwords to be synced with a wide range of cloud-based and on-premise applications.
  • Offers the flexibility to apply password synchronization to only specific applications for particular users based on their group, OU, or domain membership.
  • Enforces custom AD password policies from within the application across other business systems like Microsoft 365.
  • Synchronizes the new AD password instantly to all other applications.

Sync AD password changes to AD LDS server accounts using ADSelfService Plus.

Get your free trial  

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by