LDAP synchronization
Synchronize entities between your customer LDAP directory and your application. You can synchronize users, groups and organizational units easily with minimal time investment.
What is LDAP synchronization?
LDAP synchronization refers to the process of synchronizing an LDAP directory with an enterprise application. During synchronization, the application gets user, group, and organization information from the LDAP directory. The organization’s LDAP directory serves as a single source of true-up information for all applications. By doing so, system administrators can assign the right roles and permissions to an employee and then revoke them if the employee moves to another unit within the organization or leaves.
API
Implement our API on time and we will take care of protocol change done by the LDAP system
On Prem
Use our comprehensive capabilities in order to pack our capabilities into your product
Cloud
Cloud capabilities are easy to integrate with not packaging effort
The problem
Application developers need organizational information such as: users, groups and other directory entities in their applications. This information is mandatory for any application that is used by organizations of any type.
Typically application developers also perform the LDAP synchronization by themselves and that adds a lot of complexity to the development. Later it also adds maintenance and bug fixes. In the long run, customers always require more capabilities and additional types of directories.
Our solution, Directory Synchronization for Software Vendors provides a comprehensive and reliable solution that supports any functionality your customers may require. Implementing our solution instead of getting into the lengthy and expensive development process will allow you to focus on your core business while providing the best of bread solution to your customers.
What directories do you support?
Microsoft (Active Directory, Azure directory)
Novel (Edirectory, ApacheDs)
Google directory
On Prem vs Cloud
Our customers can consume our service on-cloud or on-premises.
The on-cloud solution is provided by us and you just need to integrate our Rest API into your solution.
We promise accuracy and high performance.
Our on-premise solution is provided as a package the developer needs to integrate into his software.
Rest API can be consumed in this mode also, the only difference with cloud is that it will be deployed in your environment.
Request LDAP synchronization
Dual mode
Directory-Sync can be used with OpenLM server and without (stand alone mode).
When it works with OpenlM server it synchronizes data from external directory to OLM server. And updates all data related to users, groups. You can synchronize full directory data or partially (related to only OpenLM’s users, which are already presented in OpenLM server). In this mode all security management is done on the server side, and components like DSS, DSA are synchronizing in secure mode with the server.OPenID is used for secure connection implementation.
Using DS as a standalone product means you don’t need an OLM server as the target repository of all synced data. In this case data will be synced between 2 different repositories, ex. from your directory to your database (you’ll need just to specify connection to your DB). Syncs can be done also between different LDAP servers, DBs, files (csv, etc…). It will be possible to set-up rules for synchronization; custom politics of updating, merging data, data integrity verification. In this mode it will be possible to control identity management functions: changing passwords, account statuses, last logon, etc. Data management will not be limited to only fetching data, but also to update it in directories. Some small additional features that can be very useful: unused account detection, strings manipulation (capitalizing first letter in names, etc), security tools: password hashing, bi-directional encryption.
This mode also uses OpenID / Oauth 2.0 secure flow implementation, but all settings and configuration should be done on your identity server side.
