Foldr Zen Zone

Active Directory Settings

The administrator can configure the authentication settings for Active Directory under Foldr Settings >> General >> LDAP.   If Active Directory is not being used, this section can be skipped, and local user accounts created directly in the Users & Groups tab in Foldr Settings.

Active Directory Settings

The LDAP Server should be configured to point at one (or optionally more) Windows Domain Controllers on the internal network, prefixed with ldap://

i.e. ldap://domain_controller.company.internal

(FQDN or IP address of a domain controller.  Note – ldap:// prefix)

Multiple domain controllers can be entered, prefixing each with ldap:// (or ldaps://) separated by a space.

LDAP Search DN:

DC=company,DC=internal

The example shown above will search for users and groups in the root of the Active Directory domain.  The Search DN could be used to also control which users are allowed to sign into Foldr, but a superior and more granular method for doing can be found within the Security tab

LDAPS Support

If the domain supports LDAPS, simply prefix the LDAP Server address with ‘ldaps://’ – You can optionally append a port; if this is not done Foldr will assume the default port of 636 is being used.

Example LDAP Settings:

LDAPS is required if you intend to use Active Directory password change control, delegated or self-service password reset features in Foldr.  LDAPS is required if you intend to use the password change control, delegated or self-service password reset features in Foldr.  Enabling LDAPS on a Windows domain controller is typically done by default after installing the Domain Certificate Services >> Enterprise CA role in Server Manager.  However, there are considerations to be made when enabling this in your AD infrastructure:

Enabling Secure LDAP on Windows Server 2008/2012 Domain Controllers