The LDAP Identity Connector can be configured using the Aspire Admin UI. It requires the following entities to be created:

• Credential
• Connection
• Connector
• Seed

Create Credential 

1. On the Aspire Admin UI, go to the credentials page
2. All existing credentials will be listed. Click on the new button 
3. Enter the new credential description.
4. Select ldap-identity from the Type list.
5. General: In Authentication, you need to insert:
   1. User: Could be a distinguished name for an LDAP server, or a domain\\user for ActiveDirectory.
   2. Password: Password for the account.

Create Connection 

1. On the Aspire Admin UI, go to the connections page
2. All existing connections will be listed. Click on the new button 
3. Enter the new connection description. 
4. Select ldap-identity from the Type list.
5. General:
   1. Run script: Select to either connect to an LDAP or Active Directory (AD) server to download user and group information, or to run a script to fetch the information that should be cached.
   2. Server URL: The URL of the LDAP server in the form ldap:server:port. For Active Directory (AD) servers.
   3. Search Base: The node in the directory from which to begin searches.
   4. Scope: The scope of the LDAP search.
   5. User query: The LDAP query to return all users.
   6. Group query: The LDAP query to return all groups.
   7. Connection timeout: The maximum time to wait for a connection to the LDAP server.
   8.  Read timeout: The maximum time to wait for data from the LDAP server.
   9. Use Start TLS extension: If checked, the Start TLS extension will be used to connect to the LDAP server.
6. Policies
   1. Throttle Policy: Select the throttle policy that applies to this connection object.
   2. Routing Policies: Select the routing policies that this connection will use.

Create Connector Instance

For the creation of the Connector object using the Admin UI, check this page.

Create Seed 

1. On the Aspire Admin UI, go to the seeds page
2. All existing seed will be listed. Click on the new button 
3. Enter the new seed description.
4. Select ldap-identity from the Type list.
5. User attributes: Specify the LDAP attributes to return in user queries.
   1. Return GUID: Enable this option if GUID attribute needs to be returned from queries.
   2. Binary GUID:  Check if GUID is stored as a binary.
   3. GUID Attribute Name: Name of GUID attribute to be returned from queries.
6. Group attributes: Specify the LDAP attribute to return in group queries.
7. Membership attributes: The LDAP attribute (or pseudo attribute \"dn\") that maps users to groups. This refers to an attribute from the set of group attributes if \"groups hold members\" is true, or one of the set of user attributes if not.
8. Connector: The ID of the connector to be used with this seed. The connector type must match the seed type.
9. Connection: The ID of the connection to be used with this seed. The connection type must match the seed type.
10. Workflow: The IDs of the workflows that will be executed for the documents crawled.
11. Tag: The tags of the seed, these can be used to filter the seed.
12. Policies
    1. Throttle Policy: Select the throttle policy that applies to this connection object.
    2. Routing Policies: Select the routing policies that this connection will use.