ARKSSPR 2.0
  • ARKSSPR
    • Overview
      • What is ARKSSPR
      • FAQs
      • Road-Map
      • Licensing
    • Planning
      • POC Requirements
      • Supported Configurations
      • Windows Server Requirements
      • SQL Server Requirements
      • Network Requirements
      • Design
    • Deployment
      • Active Directory Rights
      • DNS Service Record for Agent Autodiscovery
      • HTTPS Certificate
      • ARKSSPR Internal Installation
        • Installing Microsoft SQL Server
        • Internet Information Service Installation
        • .NET Core 6.0 Download and Install
        • .Net Framework 4.7.2 Download and Install
        • Installation
        • First Time Wizard
        • IIS Configuration
        • Initial Configuration
      • ARKSSPR DMZ Installation
        • Internet Information Service Installation
        • .NET Core 6.0 Download and Install
        • Installing ARKSSPR DMZ Installation
        • IIS Configuration
        • Initial Configuration
    • Administration
      • Login
        • Root Account
      • Password Reset
      • Unlock Account
      • My Account
        • Change Password
        • Secondary E-Mail
        • Validation Type
        • Authenticator Definition
      • Report Management
        • Reports
        • Report Schedule
      • Role Management
      • Settings
        • General Settings
          • Server Settings
          • LDAP Settings
          • E-Mail Settings
          • SMS Settings
          • Syslog Settings
          • Ticket Settings
        • Login Settings
          • General Settings
          • Captcha Settings
          • Validation Settings
        • User Settings
          • Authenticator Management
        • Policy Settings
          • Password Settings
          • Policy Settings
        • Portal Settings
      • License Management
        • Offline License
        • Online License
      • Log Management
      • Screen Management
      • Ticket Management
    • Troubleshooting
      • UserTokenTTL
      • Securing Windows Server
Powered by GitBook
On this page
  • Create LDAP Connection
  • Domain FQDN
  • Port/Secure
  • Authentication (Username/Password)
  • Edit LDAP
  • AD User Phone Attribute
  • Alternate Input Attribute

Was this helpful?

  1. ARKSSPR
  2. Administration
  3. Settings
  4. General Settings

LDAP Settings

PreviousServer SettingsNextE-Mail Settings

Last updated 8 months ago

Was this helpful?

ARKSSPR is Active Directory integrated software. See: Roadmap. User accounts in Active Directory can perform password and account unlocking operations via ARKSSPR. Supports multiple Active Directory domains. All Active Directory domains for which accounting transactions are required should be added to the list from this screen.

One of the most important issues in SMS integration is mobile phone information. From this screen, the attribute containing the mobile phone number must be selected.

UserPrincipalName and samAccountName information can be used in user login operations. In addition to these 2 pieces of information, a different attribute can be used as username information. Users can also use custom attribute information in login operations.

Create LDAP Connection

Domain FQDN

Active Directory domain FQDN address is entered. This field supports entering the server name. It is recommended to enter Domain FQDN information. Example: domain.com

Port/Secure

LDAP port information is entered. By default, Unsecure LDAP connection is TCP 389, Secure LDAP connection is TCP 636. If a special port is used, it must be entered in this field.

The Secure option determines the use of LDAP/Secure LDAP.

Authentication (Username/Password)

In the username field, the user account that will be connected to the Active Directory domain and has the privileges of unlocking the account, resetting the password, reading mobile phone information, and reading alternative username attribute information is entered. This user account is also preferred to be given Replicate Directory Changes authority at the domain root level. Thanks to this authority, password history checks become applicable in password reset operations.

Test buttons are used to perform LDAP connection testing.

Edit LDAP

Click the edit button to determine the mobile phone and alternative username field and make changes to the LDAP connection.

AD User Phone Attribute

The attribute to be used for the mobile phone is selected. If this attribute is protected, the account used for the ldap connection needs read permission for this attribute.

Alternate Input Attribute

An alternative attribute other than UserPrincipalName and samAccountName can be used as an alternative username field.

When the Authentication option is selected, it is stated that a user account will be used for LDAP transactions. If the Authentication option is not selected, the user account specified for the is used for the operations specified below.

LDAP Settings Screen
Edit LDAP Screen
IIS Application Pool