includes/active-directory-app-provisioning-ldap.md
3 additions & 4 deletions
@@ -179,7 +179,6 @@ Currently, the LDAP connector provisions users with a blank password. This prov
179
179
|Binding|SSL|
180
180
|User Name|How the ECMA Connector will authenticate itself to your directory server. In this sample, the example username is `CN=svcAccount,CN=ServiceAccounts,CN=App,DC=contoso,DC=lab`|
181
181
|Password|The password of the user name specified|
182
-
|Allow manual anchor selection |Allows you to update the anchor in the object types page if required. |
183
182
184
183
>[!NOTE]
185
184
>If you experience and issue trying to connect, ensure that the service account in AD LDS or your other directory server is enabled.
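Review bot: Dropping the `Allow manual anchor selection` row (old line 182) leaves the connectivity table with no guidance for that setting. If the Connectivity page still shows the checkbox on agent versions readers may be running, state what to leave it at, or say from which agent version it no longer applies. While touching this table, the NOTE in the context at line 184 reads "experience and issue"; it should be "experience an issue".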
@@ -198,15 +197,15 @@ Currently, the LDAP connector provisions users with a blank password. This prov
198
197
13. On the **Full Import** page, leave the defaults and click **Next**.
199
198
14. On the **Object Types** page, fill in the boxes and select **Next**.
200
199
-**Target object**: This object is the target object in the LDAP directory.
201
-
-**Anchor**: This attribute should be unique in the target directory. The Azure AD provisioning service will query the ECMA connector host by using this attribute after the initial cycle. If you are unable to change the anchor, please ensure that manual anchor selection is enabled in the connectivity page of the ECMA connector host.
200
+
-**Anchor**: This attribute should be unique in the target directory. The Azure AD provisioning service will query the ECMA connector host by using this attribute after the initial cycle. You must be using agent version 1.1.846.0 or aboce for ObjectGUID to work as the anchor.
202
201
-**Query Attribute**: Used by the ECMA connector host to query the in-memory cache. The values of this attribute should be unique for each user. You'll refer to this attribute again subsequently in the Azure portal, when configuring attribute mappings, as an attribute to use for matching.
203
202
-**DN**: The distinguishedName of the target object.
204
203
205
204
|Property|Description|
206
205
|-----|-----|
207
206
|Target object|User|
208
-
|Anchor|userPrincipalName|
209
-
|Query Attribute|userPrincipalName|
207
+
|Anchor|ObjectGUID|
208
+
|Query Attribute|ObjectGUID|
210
209
|DN|dn|
211
210
|Autogenerated|unchecked|
212
211
15. The ECMA host discovers the attributes supported by the target system. You can choose which of those attributes you want to expose to Azure AD. These attributes can then be configured in the Azure portal for provisioning.On the **Select Attributes** page, add all the attributes in the dropdown list, and select **Next**.
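Review bot: The table now sets `Query Attribute` to `ObjectGUID` (new line 208), but the description at line 201 says this attribute is reused in the Azure portal "as an attribute to use for matching". Please confirm that the provisioning service can supply an ObjectGUID value for matching a user, since the previous value was `userPrincipalName`; if it cannot, keep a source-known attribute as the query attribute and change only the anchor. In the new Anchor text at line 200, "aboce" should be "above", and the dropped sentence about being unable to change the anchor leaves readers on agents older than 1.1.846.0 with no fallback, so say which anchor they should use.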