LDAP Directories

Connector name: agtldap

Connector type: Executable

Type (UI field value): LDAP Directory Service

Target system versions supported / tested: LDAP v2 and LDAP v3 directories

Connector status / support: Bravura Security-Verified

This connector has been tested and is fully supported by Bravura Security.

Bravura Security Fabric performs operations on LDAP v2 and LDAP v3 directories by directly binding to the LDAP or LDAPS service and issuing LDAP commands to modify user objects. The LDAP bind operation itself is used to validate current passwords, and LDAP search is used to enumerate users.
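The bind-based password check described above, sketched as an added example (not Bravura Security's connector code): it builds the LDAP simple BindRequest, reads the BindResponse result code, and refuses the empty-password "unauthenticated" bind that RFC 4513 warns about. The `send` transport callable, `fake_server`, the DN and the passwords are assumptions constructed for illustration.

```python
# Added example: simple-bind password check with an RFC 4513 guard.
# `send`, `fake_server`, the DN and the passwords are constructed here.

def tlv(tag: int, payload: bytes) -> bytes:
    """BER tag-length-value, definite length."""
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + payload

def bind_request(msg_id: int, dn: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest { version 3, name, simple } }."""
    body = tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, body))  # msg_id < 128

def result_code(response: bytes) -> int:
    """resultCode of a BindResponse; short-form lengths, 1-byte messageID only."""
    if response[5] != 0x61 or response[7:9] != b"\x0a\x01":
        raise ValueError("not a short-form BindResponse")
    return response[9]

def verify_password(dn: str, password: str, send) -> bool:
    """True only if a name/password bind for dn succeeds (resultCode 0)."""
    # RFC 4513 5.1.2: a DN with an empty password is an "unauthenticated"
    # bind. A server that allows it answers success, which says nothing
    # about the account's password, so never send it as a password check.
    if not dn or not password:
        return False
    return result_code(send(bind_request(1, dn, password))) == 0

DN = "uid=jdoe,ou=people,dc=example,dc=com"  # constructed sample entry

def fake_server(request: bytes) -> bytes:
    """Constructed stand-in for a directory that permits unauthenticated binds."""
    ok = request == bind_request(1, DN, "S3cret!") or request.endswith(b"\x80\x00")
    code = 0 if ok else 49  # 0 = success, 49 = invalidCredentials
    result = tlv(0x0A, bytes([code])) + tlv(0x04, b"") + tlv(0x04, b"")
    return tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61, result))

if __name__ == "__main__":
    print(bind_request(1, DN, "S3cret!").hex())
    for pw in ("S3cret!", "wrong", ""):
        raw = result_code(fake_server(bind_request(1, DN, pw)))
        print(repr(pw), "server resultCode:", raw, "verified:", verify_password(DN, pw, fake_server))
```

For the empty password the stand-in server still answers success, while `verify_password` returns False without sending anything; that gap is what the guard closes.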

Bravura Security Fabric can create, delete, enable, disable, modify, rename and move LDAP users in any specified directory or OU. It creates new LDAP users by cloning existing ones, copying and adjusting attributes in the process. It can also manage the membership of LDAP users in LDAP groups.

The following Bravura Security Fabric operations are supported by the agent for LDAP Directories (agtldap):

  • administrator verify password

  • get server information

  • user change password

  • expire password

  • check password expiry

  • administrator reset password

  • unexpire password

  • unlock account

  • user verify password

  • create account

  • delete account

  • disable account

  • enable account

  • create group

  • delete group

  • add user to group

  • delete user from group

  • add group to group

  • remove group from group

  • add owner(user) to group

  • remove owner(user) from group

  • add owner(group) to group

  • remove owner(group) from group

  • check account enabled

  • check account lock

  • lock account

  • move contexts

  • rename account

  • update attributes

  • list account attributes

  • List:

    • accounts

    • attributes

    • groups

    • members

    • computer objects

  • persistent listing

For a full list and explanation of each connector operation, see Connector operations.

The following sections show you how to:

  • Export and install SSL certification files

  • Define an account for the target system administrator in an LDAP Directory

  • Set the LDAP Directory Service target system address in Bravura Security Fabric

  • Create template accounts using the Netscape Console

  • Handle account attributes

  • Manage groups

  • Handle LDAP referrals

This chapter also describes how Bravura Security Fabric handles special attributes, used when creating or modifying accounts on an LDAP Directory Service target.