Synchronizing with LDAP

ESET Secure Authentication supports synchronization with LDAP.

1. Access ESA Web Console and click Users.

2. Next to Realms, click the add/create icon and select Create Synchronized Realm.

3. Enter the address of your LDAP server, select the applicable LDAP server type from the Sync Server type drop-down menu, and enter your LDAP username and password.

4. If this is a one-time import, leave the Sync interval unchanged. Otherwise, select the applicable synchronization interval.

5. Select the check box next to Run immediately and click Save.

Once your ESA instance is synchronized with LDAP, to synchronize it again manually:

1. In the Realms section, select the saved and synchronized LDAP server.

2. Click the gear icon and then click Synchronize Now.

Supported configuration parameters

objFilter - Required; used as a filter for selecting the user object in LDAP.

AttrName - Optional; name of the LDAP user property storing the username. If Windows LDAP is selected for Sync Server Type, the username is read from the "sAMAccountName" property. Otherwise, the username is read from the "cn" property.

AttrPhone - Optional; name of the LDAP user property holding the phone number. If the AttrPhone parameter is not used, the mobile number is taken from the user field that is set as default in ESA Web Console > Settings > Mobile Number Field.

AuthType - Optional; defines the type of authentication used when connecting to the LDAP server. The default value for the Windows platform is 1 (Secure); for other platforms it is 0 (None). Available values:

• 0 (None)

• 1 (Secure)

• 2 (Encryption/SecureSocketsLayer)

• 4 (ReadonlyServer)

• 16 (Anonymous)

• 32 (FastBind)

• 64 (Signing)

• 128 (Sealing)

• 256 (Delegation)

• 512 (ServerBind)

For more information on each authentication type, see the official Microsoft documentation.
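
The AuthType values listed above are the flag values of the .NET System.DirectoryServices.AuthenticationTypes enumeration, where flags are combined by adding them. The following added example (not ESET code) decodes a proposed value and lists points to review before saving it. That ESA accepts combined values is an assumption, and the function names are hypothetical.

```python
# Added example, not ESET code. Flag values are the ones listed on this page.
AUTH_FLAGS = {
    1: "Secure",
    2: "Encryption/SecureSocketsLayer",
    4: "ReadonlyServer",
    16: "Anonymous",
    32: "FastBind",
    64: "Signing",
    128: "Sealing",
    256: "Delegation",
    512: "ServerBind",
}
KNOWN_BITS = sum(AUTH_FLAGS)  # 1015: every bit that has a listed meaning


def decode_auth_type(value):
    """Split an AuthType integer into (listed flag names, unlisted bits)."""
    if not isinstance(value, int) or value < 0:
        raise ValueError("AuthType must be a non-negative integer")
    names = [name for bit, name in AUTH_FLAGS.items() if value & bit]
    if value == 0:
        names = ["None"]
    return names, value & ~KNOWN_BITS


def review_auth_type(value):
    """Return review findings for a proposed AuthType value (hypothetical helper)."""
    names, unknown = decode_auth_type(value)
    findings = []
    if unknown:
        findings.append(f"bits {unknown} match no listed authentication type")
    if value == 0:
        findings.append("None: simple bind, so the password is sent in clear "
                        "text unless the connection itself is encrypted")
    if value & 16:
        findings.append("Anonymous: no authentication is performed")
    if value & (64 | 128) and not value & 1:
        findings.append("Signing/Sealing need Secure (1) to be set as well")
    return findings


if __name__ == "__main__":
    for candidate in (0, 1, 192, 193, 8):  # constructed sample values
        print(candidate, decode_auth_type(candidate)[0], review_auth_type(candidate))
```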