Connect the Universal Device Service to an LDAP directory

You can connect the Universal Device Service to an LDAP directory so that it can access the list of users in your organization.

Before you begin: If you want to use SSL authentication for the LDAP connection, you must import the server certificate using MMC. For more information, see Import the server certificate for an LDAP connection that uses SSL.
  1. In the Administration Console, on the menu bar, click Settings > Company Directory.
  2. Select the Corporate LDAP Directory checkbox.
  3. In the LDAP server discovery drop-down list, complete one of the following tasks:
    • Select Automatic, and type the domain name of the LDAP server in the Domain field.
    • Select Select server from the list below, and type the server address in the LDAP Server field.
  4. In the LDAP Port field, type the TCP port number for communication. The default port for an SSL-enabled connection is 636. The default port for a connection that is not encrypted is 389.
  5. If the connection requires authorization, select the Authorization required checkbox, select None in the Authentication type drop-down list, and specify the username and password of the user that has LDAP search permissions. Note: For an SSL-enabled connection that uses anonymous authorization, you must deselect the Authorization required checkbox.
  6. Optionally, in the Search base field, type the location in the company directory where you want searches in the directory to begin.
  7. Optionally, in the LDAP user search scope drop-down list, perform one of the following actions:
    • To search all objects below the base object, click All levels. This is the default setting.
    • To search objects that are one level immediately below the base object, click One level.
  8. In the Object class field, type the name of the object class that your user accounts belong to.
  9. In the Unique identifier field, type the unique identifier for the LDAP directory (for example, uid).
  10. In the Login attribute field, type the login attribute to use for authentication (for example, cn).
  11. In the Email address field, type the attribute that contains the user's email address (for example, mail).
  12. In the Display name field, type the attribute that contains the user's display name (for example, displayName).
  13. Click Test to confirm that the connection to the company directory is configured correctly.
  14. Click Save.
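
Before entering the values above, you can check them against the directory from a workstation. The following is an added example, not part of the product or its documentation: it turns the console fields into a read-only `ldapsearch` command and flags a credentialed bind on an unencrypted port. It assumes the OpenLDAP `ldapsearch` client is installed; the host name, DNs and the function name `ldapsearch_precheck` are constructed for illustration, and the query the service itself sends may differ.

```python
import shlex

# Console "LDAP user search scope" labels mapped to ldapsearch -s values.
SCOPES = {"All levels": "sub", "One level": "one"}


def ldapsearch_precheck(server, port, object_class, search_base="",
                        scope="All levels", bind_dn=None, use_ssl=None,
                        attrs=("uid", "cn", "mail", "displayName")):
    """Return (argv, warnings) for a read-only query built from the console fields."""
    if scope not in SCOPES:
        raise ValueError(f"unknown search scope: {scope!r}")
    # Reject anything that could alter the filter, e.g. "person)(uid=*".
    if not object_class.replace("-", "").isalnum():
        raise ValueError(f"invalid object class: {object_class!r}")
    if use_ssl is None:
        use_ssl = port == 636  # default SSL port named in step 4
    warnings = []
    if port not in (389, 636):
        warnings.append("non-default port: confirm whether the listener uses SSL")
    if bind_dn and not use_ssl:
        warnings.append("simple bind without SSL sends the password unencrypted")
    scheme = "ldaps" if use_ssl else "ldap"
    # -x simple bind, -LLL plain LDIF output, -z 5 caps the result at five entries.
    argv = ["ldapsearch", "-x", "-LLL", "-z", "5",
            "-H", f"{scheme}://{server}:{port}", "-s", SCOPES[scope]]
    if search_base:
        argv += ["-b", search_base]
    if bind_dn:
        argv += ["-D", bind_dn, "-W"]  # -W prompts; no password in argv
    return argv + [f"(objectClass={object_class})", *attrs], warnings


if __name__ == "__main__":
    # Constructed sample values; replace with your directory's own.
    argv, warnings = ldapsearch_precheck(
        "ldap.example.test", 636, "inetOrgPerson",
        search_base="ou=people,dc=example,dc=test",
        bind_dn="cn=uds-search,dc=example,dc=test")
    print(shlex.join(argv))
    for w in warnings:
        print("WARNING:", w)
```

If the printed command returns entries carrying the four attributes, the same values should pass the Test button in step 13.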