Add an Active Directory Auth Module

Add an Active Directory Auth Module to add a secondary authentication relationship between Access Gateway and an Active Directory instance.

  1. Add an Auth Moduleand select Active Directory.
  2. Enter the following details in the Add New Auth Module dialog:
    NameName used to identify the Auth Module (for example, Active Directory AM).

    Secure LDAP

    If you select this option, use LDAPS.

    HostURL to LDAP server and port (for example,


    Port for use with Active Directory (for example, 389).

    Bind User

    Username used to perform reads and writes (for example, CN=Administrator,CN=Users,DC=someuser,DC=info).

    Bind User Password

    The password for Bind User.


    The base DN from which you perform the search (for example, CN=Users,DC=domain,DC=tld)

    User Search Attribute

    The filter used to match records returned from the Search DN (for example, accountname).

    Attributes DN

    Set of attributes returned from Active Directory and sent as SAML attributes to the application (for example, cn, mail, name, userPrincipalName)


    Optional. Enter a description for the Auth Module.

  3. Click Not Validated. Okta Access Gateway attempts to validate the connection. If successful, the label changes to Valid.
  4. Click Okay.