Multi-domain Active Directory and OpenLDAP Support
Device42 can now be configured to work with multiple Active Directory (AD) servers. AD servers can be used for both Active Directory-based logins and AD synchronization.
AD settings can be found and configured under Tools > Settings > Active Directory Settings and are only accessible to Device42 superusers. Multiple Active Directory settings and up to one OpenLDAP server setting can be configured at a time to properly describe your environment. Each Active Directory setting can also specify multiple domains.
Add New Active Directory or OpenLDAP Settings
From the Active Directory/LDAP Settings list page, click Create.


Under LDAP Type, choose Active Directory or Open LDAP.


For the Active Directory type, choosing Domain\Username as your Username login Style reveals the Get Referral NetBIOS option, which returns usernames in the format ReferralNetbios/Username
.


If you select Domain\Username as your Username login Style, users will be required to enter both their domain and username to log in to Device42.


For the Open LDAP type, you can choose an OpenLDAP group attribute to identify group members. The available options are memberUid, uniqueMember, members, and member.


You can add multiple AD/LDAP Domains and mark them as Default.


Test Connections
Test a user account for permission to query AD:
-
Save your settings to display the settings details page, then open the ellipsis (...) menu and select Test Connection.
-
You will be prompted to provide credentials for initiating the test. Leave the credentials blank to use the currently selected username and password.
Configuring an Active Directory User Sync / Discovery Job
You may now configure an AD Sync Job to pull AD users in bulk and/or keep them synced. Proceed to the Active Directory Discovery Job docs page to view the AD discovery process.