# Microsoft Active Directory

**OvalEdge** supports integration with **Microsoft Active Directory (AD)** through the **Lightweight Directory Access Protocol (LDAP)**. Connecting OvalEdge to AD helps organizations streamline user onboarding and improve security.

## Purpose

The purpose of integrating OvalEdge with Microsoft Active Directory (LDAP) is to:

* Allow users to log in with their **AD credentials**
* **Centralize authentication** and security
* Automate **user and group provisioning**
* Enforce **role-based access control** using AD groups

## Prerequisites

Ensure the following components are in place before initiating the integration process:

* **Active Directory Server Details**
  * **LDAP/LDAPS URL:**

    ```
    ldap://<hostname>:389 
    ldaps://<hostname>:636
    ```
  * **Base DN:**

    ```
    DC=yourdomain,DC=com
    ```
  * **Service Account Credentials (for binding):**
    * **Bind DN:**

      ```
      CN=ldapuser,CN=Users,DC=yourdomain,DC=com
      ```
    * **Bind Password:** Required for authentication
* **LDAP Filters**
  * **User Search Filter:**

    ```
    (&(objectClass=user)(sAMAccountName={0}))
    ```
  * **Group Filter (optional):**

    ```
    (objectClass=group)
    ```
* **User Attributes Mapping**
  * **Username:** `sAMAccountName`
  * **Email:** `mail`
  * **Display Name:** `cn`
* **Access and Permissions**
  * **OvalEdge Admin Access:** Required to configure integration settings
  * **Network Access:** OvalEdge server must have connectivity to the AD/LDAP server

## Steps Involved

1. **Update the oasis.properties File**
   * Log in to the **OvalEdge server** as an admin
   * Set the security type to **LDAP**
2. **Enter LDAP Connection Details**
   * Fill in the following fields on the configuration page:

     | Field                     | Example                                   |
     | ------------------------- | ----------------------------------------- |
     | LDAP URL                  | ldap\://ad.company.com:389                |
     | Base DN                   | DC=company,DC=com                         |
     | Bind DN (Service Account) | CN=ldapuser,CN=Users,DC=company,DC=com    |
     | Bind Password             | \*\*\*\*\*\*                              |
     | User Search Filter        | (&(objectClass=user)(sAMAccountName={0})) |
     | Username Attribute        | sAMAccountName                            |
     | Display Name Attribute    | CN                                        |
     | Email Attribute           | Mail                                      |

   * Click **Test Connection** to validate the details
3. **Enable LDAP Authentication**
   * Set the authentication mode to **LDAP**
   * Save the configuration
4. **Sync Users and Groups**
   * Navigate to **Admin → Users → Sync from LDAP**
   * OvalEdge pulls users and groups based on the configured filters
   * Assign **AD groups** to OvalEdge roles such as:
     * `ROLE_ADMIN`
     * `ROLE_USER`
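
The following is an added example, not OvalEdge code: a stand-alone Python pre-flight check of the connection values from the table above, run before they are entered on the configuration page. It flags a plain `ldap://` URL and shows RFC 4515 escaping of the login name substituted for `{0}` in the User Search Filter. The dictionary keys and function names are hypothetical, and this page does not state how OvalEdge itself fills the placeholder.

```python
import re
from urllib.parse import urlparse

# Constructed sample: the example values from the table on this page.
# The dictionary keys are hypothetical labels, not OvalEdge property names.
SETTINGS = {
    "url": "ldap://ad.company.com:389",
    "base_dn": "DC=company,DC=com",
    "bind_dn": "CN=ldapuser,CN=Users,DC=company,DC=com",
    "user_filter": "(&(objectClass=user)(sAMAccountName={0}))",
}

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a login name so it is matched literally, not parsed as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(template, username):
    """Fill the {0} placeholder of the User Search Filter with an escaped name."""
    return template.replace("{0}", escape_filter_value(username))


def check_settings(s):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    scheme = urlparse(s["url"]).scheme
    if scheme == "ldap":
        findings.append("ldap:// without StartTLS sends bind and user "
                        "passwords in clear text; prefer ldaps://")
    elif scheme != "ldaps":
        findings.append(f"URL scheme must be ldap or ldaps, got {scheme!r}")
    for key in ("base_dn", "bind_dn"):
        # Split on commas that are not backslash-escaped inside an RDN value.
        if not all("=" in rdn for rdn in re.split(r"(?<!\\),", s[key])):
            findings.append(f"{key} is not a comma-separated list of attr=value")
    flt = s["user_filter"]
    if "{0}" not in flt:
        findings.append("user_filter has no {0} placeholder for the login name")
    if flt.count("(") != flt.count(")"):
        findings.append("user_filter has unbalanced parentheses")
    return findings


if __name__ == "__main__":
    for finding in check_settings(SETTINGS):
        print("WARN:", finding)
    print(build_user_filter(SETTINGS["user_filter"], "j*doe"))
```
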

***

Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA, USA.
