Skip to main content
Matrix42 Self-Service Help Center

Installation Guide IV: Connect Active Directory

Connect your Active Directory

  • Login as Settings Administrator to your Silverback Management Console
  • Navigate to LDAP
  • By Default Silverback is configured for userPrincialName
    • Change, if desired to sAMAccountName (not recommended)
  • Enter your LDAP Server: e.g. dc01.imagoverum.com
  • Change the LDAP Port if needed (Default 389)
  • Change the LDAP Type if needed (Default AD)
  • Enter a LDAP Lookup Service Username 
  • Enter LDAP Lookup Service Password
  • Enter Custom LDAP Variables (optional)
    • Custom LDAP Var0: e.g. employeeID
  • Configure Additional Settings

LDAP Settings 

These settings govern how the system connects to LDAP sources, and also what information should be brought back for users.

Setting   Description
Account Field e.g. userPrincipalName Clicking the link will download a full export of all the settings. Note that this is encrypted with the servers web settings encryption certificate.
Distinguished Name e.g. DC=imagoverum,DC=com The DN used for LDAP users lookup, this is a fall back if the item in the LDAP Mapping section does not work.
Email Field e.g. mail The LDAP Property used for the user’s email address
LDAP Filter e.g. (&(objectClass=user)(userPrincipalName={0})) Users must match this filter when using the SSP, or they cannot create enrolments, this is a fall back if the item in the LDAP Mapping section does not work.
LDAP Administrator Filter e.g. OU=Silverback Organization Unit where all your Administrator accounts are stored. Please refer to Release Notes Silverback 18.0 Update 3 for any additional information.
LDAP Server e.g. dc01.imagoverum.com The network address of the LDAP Server
LDAP Port e.g 389 The network port to use for LDAP Server connections
LDAP Type
  • AD (default)
  • Domino
  • Novel
The type of LDAP Source. (LDAP, Domino, Novell)
Certificate User Field e.g. userPrincipalName Determines if LDAP/S is used or not
Email User Field e.g. userPrincipalName The LDAP Property used for the user’s Email username
VPN User Field e.g. userPrincipalName The LDAP Property used for the user’s VPN username
LDAP Wi-Fi Field e.g. userPrincipalName The LDAP Property used for the user’s Wi-Fi username
LDAP Wi-Fi Proxy User Field e.g. userPrincipalName The LDAP Property used for the user’s WiFi Proxy Username
LDAP Wi-Fi SMIME User Field e.g. sAMAccountName The LDAP Property used for the user’s SMIME Certificate Username – This is used for WiFi Certificate Generation
LDAP Global HTTP Proxy User Field e.g. userPrincipalName The LDAP Property used for the user’s Proxy settings if enabled by profiles
LDAP First Name User Field givenName The LDAP Property used for the user’s First Name
LDAP Surname User Field sn The LDAP Property used for the user’s Last Name
LDAP Lookup Username e.g. service_ldap@imagoverum.com If needed, a Bind username for LDAP Lookups, anonymous binds will be used if this is not specified
LDAP Lookup Password e.g. Pa$$w0rd If needed, a Bind password for LDAP Lookups
LDAP Request Page Size e.g. 500 How many items should return per page in LDAP request. For large LDAP Results, this can reduce issues with missing users for Tag Population
LDAP Referral Chasing Option
  • None
  • Subordinate
  • External
  • All (default)
Determines if the server should “chase” referrals to other LDAP Sources
Number of LDAP Request Retries e.g. 3 How many attempts should be made for an LDAP request before the system will fail.

Add your Custom LDAP Variables

These variables are used for System Variables when generating profiles. These are useful if you need to populate a miscellaneous value into a profile for a user that isn’t covered by the normal values above. 

Setting   Description
Custom LDAP Var0 e.g. distinguishedName Custom Variable to be returned for the user
Custom LDAP Var1 e.g. distinguishedName Custom Variable to be returned for the user
Custom LDAP Var2 e.g. distinguishedName Custom Variable to be returned for the user

Check your Settings

  • Press Check LDAP Connection

Save your Settings 

  • Click Save
  • Wait a couple of minutes or restart services 

Type: restart-service w3svc,silv*,epic*,mat*  (Powershell + Administrator Priviliges)

Check your connection

Next Steps

The basic installation and configuration of Silverback is now done. You can now check your branding opportunities and start with our Getting Started Guides. 

  • Was this article helpful?