Directory Connection
The following example details will be required for the directory connection in AppsAnywhere.
Refer to Connectivity Requirements to ensure the network requirements are in place
Creating SAML Attribute Mappings can be configured instead of or in addition to a Directory connection
Active Directory Information
Directory Type | Active Directory |
LDAPS Hostname | domain.uni.edu |
Full Domain Name | domain.uni.edu |
Short Domain Name | university |
Domain Suffixes | uni.com,uni.local |
Base DN | dc=domain,dc=uni,dc=edu |
Certificate Required | No |
Port | 636 |
If domain controllers require a certificate for LDAPS connections, the Root CA Certificate will need to be provided to AppsAnywhere and added to the servers.
The certificate should be in the X.509 Base64 .CRT format with the filename ldaps-ca.crt and saved to a location that is accessible by AppsAnywhere Support.
By default, all domain controllers are configured to accept LDAPS connections on port 636. If this is permitted without the need for an SSL certificate, no further action is needed.
Active Directory Attributes
If access control (ACL) is applied to the LDAP directory that AppsAnywhere connects to, the following list of attributes should be made available to the AppsAnywhere service account.
AppsAnywhere can be configured with additional attributes to search on when creating the LDAP connection.
Any additional attributes configured for the search will also need ACLs applied to allow the AppsAnywhere service account to read them.
dn
cn
displayName
objectClass
memberOf
primaryGroupId
sAMAccountType
sAMAccountName
userPrincipalName
objectGUID
objectSid
OpenLDAP information
Directory Type | OpenLDAP |
LDAPS Hostname | domain.uni.edu |
Full Domain Name | domain.uni.edu |
Short Domain Name | university |
Domain Suffixes | uni.com,uni.local |
Base DN | dc=domain,dc=uni,dc=edu |
Certificate Required | No |
Account Filter Format | (&(objectClass=user)(sAMAccountName=%s)) |
User classes | person;user |
Group classes | group |
Search Attributes | cn |
Port | 636 |
OpenLDAP Attributes
If access control (ACL) is applied to the LDAP directory that AppsAnywhere connects to, the following list of attributes should be made available to the AppsAnywhere service account.
AppsAnywhere can be configured with additional attributes to search on when creating the LDAP connection.
Any additional attributes configured for the search will also need ACLs applied to allow the AppsAnywhere service account to read them.
dn
cn
givenName
objectClass
memberUid
member
uniqueMember
uid
entryUUID