About the LDAP Connector

The LDAP connector makes it possible to crawl different kinds of entities from LDAP directory servers such as:

  • Active Directory
  • OpenLDAP
  • OpenDJ
  • ViewDS

The connector has the following capabilities and restrictions:

Features

  • The connector supports querying and indexing from any arbitrary base DN and specifying which attributes to return.
  • Any text, number, or date attribute can be returned as metadata.
  • Multi-value attributes are supported.
  • GUID, SID and UUID data types can be used as record identifiers (such as entryUUID, ObjectSID, etc.).
  • Connect either anonymously or via an LDAP simple bind
  • LDAPS connections are supported

Security


Limitations

  • STARTTLS (upgrading a plain LDAP connection to TLS) is not supported. A simple bind sends its password unprotected on a plain connection, so use LDAPS when binding with credentials.
  • Byte arrays and other binary types are not supported as metadata to return, but can be supported for record identifiers (such as entryUUID, ObjectSID, etc.).
  • Incremental crawls can report deletes only if the LDAP provider supports the tombstone feature.
    • If your provider does not, you must schedule full crawls periodically to identify deletes.