
Configure Active Directory

You can enable Active Directory from the Configuration > Settings screen. If the LDAP server is configured, user logins are authenticated and authorized using the corporate LDAP server, including Microsoft’s Active Directory.
If Active Directory is enabled, the username for the local user account must have ".\" before the username when logging into the Console. For example, will need to be entered as ".\" to log into the
  1. Add the SSL certificate for the LDAP Server. See Managing Certificates for more information.
  2. Click Configuration > Settings
  3. Click beside LDAP. This expands the LDAP configuration settings.
  4. Enable the LDAP toggle.
  5. Enter your LDAP/Active Directory information:
    • Base Distinguished Name:
      This is the base distinguished name (DN) used as a base for the LDAP search to look for the user DN.
    • Group Distinguished Name:
      This is the group distinguished name (DN) used to perform an LDAP search to check if the user is a member of the group DN.
    • LDAP FQDN:
      This sets the LDAP server’s fully qualified domain name (FQDN). The FQDN must be configured on the Domain Server.
    • Port:
      This is the port number of the LDAP server.
    • TLS/SSL:
      To ensure the confidentiality of the user credentials, an encrypted LDAP connection should be used between the server and LDAP server. There are two encryption methods you can choose from: startTLS and LDAPS.
  6. Click Test Connection. A Test Active Directory Connection dialog displays.
  7. Enter the username and password for the LDAP server, then click . A message displays indicating whether the test connection was successful.
    To test the connection, use either the UPN Login or SAM Account Login:
    UPN Login Example: (
    SAM Account Login Example: domain\username (onprem-cylance\hadmin)
  8. Click .
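
How the fields in step 5 and the login formats in step 7 typically fit together in an Active Directory lookup, as an added example that is not the product's own code. The attribute names (`sAMAccountName`, `userPrincipalName`, `memberOf`), the filter shape, the conventional ports 389/636 and the sample DNs are assumptions about a standard AD deployment, not taken from this page.

```python
def escape_filter_value(value: str) -> str:
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def classify_login(name: str) -> dict:
    """Split a console login name into its kind and parts."""
    if name.startswith(".\\"):
        # ".\" prefix marks the local account (assumed: no directory lookup)
        return {"kind": "local", "user": name[2:]}
    if "\\" in name:
        domain, user = name.split("\\", 1)      # SAM: domain\username
        return {"kind": "sam", "domain": domain, "user": user}
    if "@" in name:
        user, domain = name.rsplit("@", 1)      # UPN: username@domain
        return {"kind": "upn", "domain": domain, "user": user}
    raise ValueError("expected .\\user, domain\\user or user@domain")


def build_lookup(name: str, base_dn: str, group_dn: str):
    """Return (search_base, filter) for a directory login, None for a local one."""
    login = classify_login(name)
    if login["kind"] == "local":
        return None
    if login["kind"] == "upn":
        attr, value = "userPrincipalName", f'{login["user"]}@{login["domain"]}'
    else:
        attr, value = "sAMAccountName", login["user"]
    # Assumed filter shape: find the user under the Base DN and require
    # direct membership of the Group DN (memberOf does not follow nesting).
    user_part = f"({attr}={escape_filter_value(value)})"
    group_part = f"(memberOf={escape_filter_value(group_dn)})"
    return base_dn, f"(&{user_part}{group_part})"


def check_transport(port: int, mode: str) -> list:
    """Flag TLS/SSL settings that would expose or break the bind."""
    expected = {"starttls": 389, "ldaps": 636}  # conventional ports (assumption)
    mode = mode.lower()
    if mode not in expected:
        return ["no TLS/SSL method: credentials would cross the network in cleartext"]
    if port != expected[mode]:
        return [f"{mode} normally uses port {expected[mode]}, got {port}"]
    return []


# Constructed sample settings; only the SAM login format comes from the page.
BASE_DN = "DC=example,DC=com"
GROUP_DN = "CN=Console Admins,OU=Groups,DC=example,DC=com"
```

Escaping the login name before it reaches the filter keeps characters such as `*`, `(` and `)` from changing which directory entries the membership check matches.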