Replicator for Microsoft® Directory Service Active Directory®
Please follow the general instructions for setting up a replicator on the Replicator Wizard page.
Procedure for Adding a Replicator
- Select the type of data source
Select the Active Directory® database type.
- Settings for the data source (selection of the server, the data structure that should be imported and so forth)
Server Information
- Active Directory® Server
A Windows® server with Active Directory® is always an LDAP server. Enter the server name or leave the field blank to use the default domain controller. The default port for Active Directory® is 389. The Global Catalog is the collection of user information from multiple Active Directory® servers in the enterprise.
Login Information
Select how to authenticate to the LDAP server.
- Manual Login
Enter the username, password and the authentication method for the LDAP server. The username must have a specific format. Examples are cn=Username,cn=users,dc=company,dc=com or Administrator@company.com
Search Options
Enter where to search in the database.
- Search Base
The search base is the folder where the search begins. The search base is usually automatically read from the LDAP server.
- Filter
You may enter a filter for the entries in the database. For Active Directory® please use (objectCategory=person).
- Search only in the Search Base folder
If this option is selected, no subdirectories are searched.
- Do not replicate disabled objects
- Do not replicate expired objects
- Only replicate modified objects
When this option is selected, a replication run replicates only those contacts that have changed in the data source since the last replication (incremental replication).
Note:
When an Active Directory® object is deleted, a small portion of the object is preserved for a specified period of time so that other domain controllers can replicate the changes. This period is called a "tombstone expiration time" and is configurable. During this time, the AD replicator can query the deleted contacts using the CommonName "Deleted Objects" (e.g. CN..B Deleted Objects,DC=estos,DC=en). The replicator user needs more rights than just querying the contact data! Whether the replicator user has the necessary access rights can be used on the AD server with the ldp.exe or an LDAP browser. For this, the server control "1.2.840.113556.1.4.417" must be activated in the advanced LDAP settings.
- Field mapping, which source fields are copied to which LDAP fields
- Configure links to contact URL
- Datasource location settings
- Schedule replication plan
- Defining additional applications to be started
- Assigning a name for the new replicator