LDAP Interface connection settings
This table lists the values that might be required to connect to the Okta LDAP Interface.
| Field | Value |
|---|---|
| Name | The name of the server |
| Directory Type | The server type |
| Hostname | <org_subdomain>.ldap.<domain>.com, where <domain> is one of oktapreview, okta, or okta-emea. |
| Port | StartTLS on port 389 or LDAPS on port 636 |
| Username | uid=<username>,<dc=org_subdomain>,dc=<domain>,dc=com, where <domain> is one of oktapreview, okta, or okta-emea. Must have admin permissions, but can be a read-only admin. |
| Password | <password for the admin user> |
| Base DN | [ou=<users or groups>],<dc=org_subdomain>, dc=<domain>, dc=com, where <domain> is one of oktapreview, okta, okta-emea, or okta-gov.com |
| Additional User DN | ou=users |
| Additional Group DN | ou=groups |
| User Object Class | inetOrgPerson |
| User Object Filter | (objectclass=inetOrgPerson) |
| User Name Attribute | uid |
| User Name RDN Attribute | cn |
| User First Name Attribute | givenName |
| User Last Name Attribute | sn |
| User Display Name Attribute | cn |
| User Email Attribute | |
| Group Object Class | groupofUniqueNames |
| Group Object Filter | (objectclass=groupOfUniqueNames) |
| Group Name Attribute | cn |
| Group Description Attribute | description |
| Group Members Attribute | uniqueMember |
| User Membership Attribute | memberOf. memberOf isn't an indexed value, and its use could result in significantly slower search times. |
| Use the User Membership Attribute | Select to use the user's membership attribute to determine group membership |
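
A pre-deployment consistency check for these settings, as an added example that is not part of the original page or Okta's own tooling: it verifies that the port is paired with the transport from the Port row and that the bind DN and Base DN carry the same org suffix as the hostname. The dictionary keys (`hostname`, `port`, `security`, `username`, `base_dn`) and the sample values are assumptions made for the example.

```python
import re

# Domains listed in the Hostname row of the table above.
DOMAINS = ("oktapreview", "okta", "okta-emea")
# Port/transport pairs from the Port row; any other pairing is rejected.
TRANSPORTS = {389: "starttls", 636: "ldaps"}


def parse_dn(dn):
    """Split a simple DN into lowercase (attr, value) pairs (no escaped commas expected)."""
    pairs = []
    for rdn in dn.split(","):
        attr, sep, value = rdn.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs


def check_settings(s):
    """Return a list of problems in a settings dict (empty list = consistent)."""
    problems = []
    m = re.fullmatch(r"([a-z0-9-]+)\.ldap\.([a-z0-9-]+)\.com", s["hostname"].lower())
    if not m or m.group(2) not in DOMAINS:
        return ["hostname is not <org_subdomain>.ldap.<domain>.com"]
    suffix = [("dc", m.group(1)), ("dc", m.group(2)), ("dc", "com")]
    if TRANSPORTS.get(s["port"]) != s["security"].lower():
        problems.append("port/transport must be 389+StartTLS or 636+LDAPS")
    try:
        bind = parse_dn(s["username"])
        if len(bind) != 4 or bind[0][0] != "uid" or bind[1:] != suffix:
            problems.append("username DN does not match uid=<username>,<org suffix>")
    except ValueError as e:
        problems.append(f"username DN: {e}")
    try:
        base = parse_dn(s["base_dn"])
        ou = base[:-3]  # optional leading ou=users or ou=groups
        if base[-3:] != suffix or ou not in ([], [("ou", "users")], [("ou", "groups")]):
            problems.append("base DN does not match [ou=users|groups],<org suffix>")
    except ValueError as e:
        problems.append(f"base DN: {e}")
    return problems


# Constructed sample values ("acme", "svc-ldap"); not taken from the page.
GOOD = {"hostname": "acme.ldap.okta.com", "port": 636, "security": "ldaps",
        "username": "uid=svc-ldap,dc=acme,dc=okta,dc=com",
        "base_dn": "ou=users, dc=acme, dc=okta, dc=com"}
BAD = dict(GOOD, port=389, security="none", base_dn="dc=acme,dc=oktapreview,dc=com")
```

`check_settings(GOOD)` returns an empty list, while `check_settings(BAD)` reports both the unprotected port 389 pairing and the Base DN whose domain component differs from the hostname.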
