eDirectory


The MyPass Connector for eDirectory is used by the MyPass cloud to reset passwords for eDirectory LDAP accounts.

MyPass Cloud supports easy integration into multiple eDirectory user repositories from a single tenant or Gateway. The integration is implemented using TCP communication. Encryption must be used through either SSL or TLS. 

MyPass Cloud requires the following parameters to be configured in order to access an eDirectory server.

| PARAMETER | DESCRIPTION |
|---|---|
| ConnectingString | `LDAP://<SERVERNAME>[:PORT]` |
| Base DN for Users | The Base DN where FastPass will search for users, e.g. O=Target |
| Encryption Mode | SSL/TLS. Please make sure that the SSL certificate is trusted and the naming is correct. |
| Admin Account | The DN of the admin account that has the necessary rights to reset passwords for the end-users, e.g. cn=Admin,O=target |
| Admin Password | The password for the above account. |

The Gateway server is responsible for the connection to eDirectory. This server must trust the root certificate of the eDirectory server. Furthermore, MyPass should have an admin account with the ability to complete the following operations:

  • Lookup the accounts using the CN attribute.
  • Reset Passwords by modifying the userPassword attribute.
  • Unlock accounts by modifying the lockedByIntruder and loginIntruderAttempts attributes.

By default, the connector will reset the password to a random password, unlock the account and finally attempt to change the password as an ordinary user. This sequence is used for cases where Password History is required.
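The certificate requirements above (the Gateway must trust the root certificate, and the certificate naming must match the server name in the ConnectingString) can be checked from the Gateway server before the connector is configured. The Python script below is an added example, not part of MyPass or its testing tool. Its function names, the `root_ca_file` parameter and the host `edir01.example.com` are hypothetical, and it assumes implicit TLS (LDAPS) with port 636 when the string carries no port.

```python
import re
import socket
import ssl

# Assumption: implicit TLS (LDAPS) on port 636 when the string carries no port.
DEFAULT_LDAPS_PORT = 636
_CONN_RE = re.compile(
    r"^ldaps?://(?P<host>[A-Za-z0-9.-]+)(?::(?P<port>\d{1,5}))?/?$", re.I)


def parse_connecting_string(value):
    """Split LDAP://<SERVERNAME>[:PORT] into (host, port)."""
    m = _CONN_RE.match(value.strip())
    if not m:
        raise ValueError(f"not of the form LDAP://<SERVERNAME>[:PORT]: {value!r}")
    port = int(m.group("port") or DEFAULT_LDAPS_PORT)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return m.group("host"), port


def strict_context(root_ca_file=None):
    """TLS context that rejects untrusted chains and name mismatches."""
    # root_ca_file=None uses the operating system trust store.
    ctx = ssl.create_default_context(cafile=root_ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def check_server(connecting_string, root_ca_file=None, timeout=5.0):
    """Return (ok, detail) for a TLS handshake with the eDirectory server."""
    host, port = parse_connecting_string(connecting_string)
    ctx = strict_context(root_ca_file)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return True, f"{tls.version()}, expires {cert.get('notAfter')}"
    except ssl.SSLCertVerificationError as exc:
        # verify_message tells an untrusted root apart from a name mismatch.
        return False, f"certificate rejected: {exc.verify_message}"
    except (ssl.SSLError, OSError) as exc:
        return False, f"connection failed: {exc}"


if __name__ == "__main__":
    # Constructed sample value; replace with the real ConnectingString.
    print(check_server("LDAP://edir01.example.com:636"))
```

A "certificate rejected" result means the Gateway's trust store or the server name in the ConnectingString needs to be corrected; certificate verification should not be relaxed to make the check pass.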

eDirectory Configuration Testing

Your MyPass Cloud engineer can provide a simple testing tool for the MyPass Connectors to be used in validating your configuration. This tool uses all the same calls the Gateway will make, but provides interactive feedback.

The tool has the options “Check Connection”, “Reset Password” and “Change Password”. Start testing by providing the connection details and clicking the “Check Connection” button. Logging is done in the folder where the tool resides.

If you require any assistance, please contact your MyPass Cloud engineer or submit a request at [email protected].