# Microsoft Active Directory

**OvalEdge** supports integration with **Microsoft Active Directory (AD)** through the **Lightweight Directory Access Protocol (LDAP)**. Connecting OvalEdge to AD helps organizations streamline user onboarding and improve security.

## Purpose

The purpose of integrating OvalEdge with Microsoft Active Directory (LDAP) is to:

* Allow users to log in with their **AD credentials**
* **Centralize authentication** and security
* Automate **user and group provisioning**
* Enforce **role-based access control** using AD groups

## Prerequisites

Ensure the following components are in place before initiating the integration process:

* **Active Directory Server Details**
  * **LDAP/LDAPS URL:**

    ```
    ldap://<hostname>:389
    ldaps://<hostname>:636
    ```
  * **Base DN:**

    ```
    DC=yourdomain,DC=com
    ```
  * **Service Account Credentials (for binding):**
    * **Bind DN:**

      ```
      CN=ldapuser,CN=Users,DC=yourdomain,DC=com
      ```
    * **Bind Password:** Required for authentication
* **LDAP Filters**
  * **User Search Filter:**

    ```
    (&(objectClass=user)(sAMAccountName={0}))
    ```
  * **Group Filter (optional):**

    ```
    (objectClass=group)
    ```
* **User Attributes Mapping**
  * **Username:** `sAMAccountName`
  * **Email:** `mail`
  * **Display Name:** `cn`
* **Access and Permissions**
  * **OvalEdge Admin Access:** Required to configure integration settings
  * **Network Access:** OvalEdge server must have connectivity to the AD/LDAP server

## Steps Involved

1. **Update the oasis.properties File**
   * Log in to the **OvalEdge server** as an admin
   * Set the security type to **LDAP**
2. **Enter LDAP Connection Details**
   * Fill in the following fields on the configuration page:

     | Field                     | Example                                   |
     | ------------------------- | ----------------------------------------- |
     | LDAP URL                  | ldap://ad.company.com:389                 |
     | Base DN                   | DC=company,DC=com                         |
     | Bind DN (Service Account) | CN=ldapuser,CN=Users,DC=company,DC=com    |
     | Bind Password             | \*\*\*\*\*\*                              |
     | User Search Filter        | (&(objectClass=user)(sAMAccountName={0})) |
     | Username Attribute        | sAMAccountName                            |
     | Display Name Attribute    | cn                                        |
     | Email Attribute           | mail                                      |

   * Click **Test Connection** to validate the details
3. **Enable LDAP Authentication**
   * Set the authentication mode to **LDAP**
   * Save the configuration
4. **Sync Users and Groups**
   * Navigate to **Admin → Users → Sync from LDAP**
   * OvalEdge pulls users and groups based on the configured filters
   * Assign **AD groups** to OvalEdge roles such as:
     * `ROLE_ADMIN`
     * `ROLE_USER`
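
A pre-flight check for the values entered in step 2, given here as an added example (not OvalEdge code): it flags an `ldap://` URL, validates the User Search Filter template, and shows RFC 4515 escaping of the login name that replaces `{0}`. The dictionary keys mirror the table's field names and are assumptions; how OvalEdge itself substitutes `{0}` is not documented on this page.

```python
from urllib.parse import urlparse

# RFC 4515 escapes for characters that carry meaning inside a search filter.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed sample: the example values from the table above (key names assumed).
SAMPLE = {
    "LDAP URL": "ldap://ad.company.com:389",
    "User Search Filter": "(&(objectClass=user)(sAMAccountName={0}))",
}


def escape_filter_value(value):
    """Escape a login name so it is matched literally, never parsed as filter syntax."""
    return "".join(_ESC.get(ch, ch) for ch in value)


def render_user_filter(template, username):
    """Substitute the escaped login name for the {0} placeholder."""
    return template.replace("{0}", escape_filter_value(username))


def lint_ldap_settings(cfg):
    """Return findings for the settings; an empty list means nothing was flagged."""
    findings = []
    url = urlparse(cfg["LDAP URL"])
    if url.scheme == "ldap":
        findings.append("ldap:// gives no TLS at connect; a simple bind "
                        "exposes the bind password unless StartTLS is used")
    elif url.scheme != "ldaps":
        findings.append("LDAP URL must start with ldap:// or ldaps://")
    if not url.hostname:
        findings.append("LDAP URL has no hostname")
    flt = cfg["User Search Filter"]
    if "{0}" not in flt:
        findings.append("User Search Filter lacks the {0} username placeholder")
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:  # a ')' appeared before its '('
            break
    if depth != 0:
        findings.append("User Search Filter has unbalanced parentheses")
    return findings


if __name__ == "__main__":
    for finding in lint_ldap_settings(SAMPLE):
        print("WARN:", finding)
    # Constructed input: the '*' is escaped, so it cannot act as a wildcard.
    print(render_user_filter(SAMPLE["User Search Filter"], "j*doe"))
```
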

***

Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA, USA.

