The following example details will be required for the directory connection in AppsAnywhere.

Active Directory

Directory Type:

Active Directory, Azure AD or OpenLDAP

LDAP Hostname:

ldap.uni.edu

Full Domain Name:

domain.uni.edu

Short Domain Name:

university

Domain Suffixes:

uni.edu,uni.local

Base DN:

(dc=domain,dc=uni,dc=edu)

Certificate Required:

No

  • If domain controllers require a certificate for LDAPS connections, the Root CA Certificate will need to be provided to AppsAnywhere and added to the servers.

  • The certificate should be in the X.509 Base64 .CRT format with the filename ldaps-ca.crt and saved to a location that is accessible by AppsAnywhere Support.

  • By default, all domain controllers are configured to accept LDAPS connections on port 636. If this is permitted without the need for an SSL certificate, no further action is needed.

Active Directory Attributes

If access control (ACL) is applied to the LDAP directory that AppsAnywhere connects to, the following list of attributes should be made available to the AppsAnywhere service account.

AppsAnywhere can be configured with additional attributes to search on when creating the LDAP connection.

Any additional attributes configured for the search will also need ACLs applied to allow the AppsAnywhere service account to read them.

  1. dn

  2. cn

  3. displayName

  4. objectClass

  5. memberOf

  6. primaryGroupId

  7. sAMAccountType

  8. sAMAccountName

  9. userPrincipalName

  10. objectGUID

  11. objectSid

OpenLDAP

Account Filter Format:

(&(objectClass=user)(sAMAccountName=%s))

User classes:

person;user

Group classes:

group

Search Attributes:

cn

OpenLDAP Attributes

If access control (ACL) is applied to the LDAP directory that AppsAnywhere connects to, the following list of attributes should be made available to the AppsAnywhere service account.

AppsAnywhere can be configured with additional attributes to search on when creating the LDAP connection.

Any additional attributes configured for the search will also need ACLs applied to allow the AppsAnywhere service account to read them.

  1. dn

  2. cn

  3. givenName

  4. objectClass

  5. memberUid

  6. member

  7. uniqueMember

  8. uid

  9. entryUUID