This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

Version Warning

The content below is for Apache Syncope <= 1.2 - for later versions the Reference Guide is available.


This wiki page shows all the steps needed to configure an external LDAP resource identified by the following connection parameters:

Server host: localhost
Server port: 1389
Principal: cn=Directory Manager
Credentials: password
Root suffix: o=isp

In order to link an external LDAP resource there are pre-requisites and configuration steps to be satisfied.


  1. Install ConnId LDAP connector bundle

Configuration steps

  1. Configure LDAP connector instance
  2. Configure LDAP resource

Configure LDAP connector instance

Please, take a look at all configurable parameters at LDAP Connector Configuration and use this page as reference to provide your configuration.

  1. Open your browser and access to the Syncope administration console (http://host:port/syncope-console).
  2. Log into the interface by providing the following credentials:
    1. Login:;
    2. Password: password.
  3. Click on the Resources tab.
  4. Click on the Connectors sub-tab.
  5. Click on Create new Connector button (configuration modal page appears).
  6. Click on tab General.
    1. Provide Display name (e.g. 'Ldap demo connector') and the correct Bundle name (org.connid.bundles.ldap.${version}).
  7. Click on tab Configurations and provide connector instance configuration.
    Principal: cn=Directory Manager
    Password: password
    Host: localhost
    TCP Port: 1389
    Account Object Classes: top person organizationalPerson inetOrgPerson
    Password Attribute: userPassword
    LDAP Filter for Retrieving Accounts: uid=*
    Change Number Attribute: changeNumber
    Uid Attribute: uid
    Base Contexts: o=isp
    Account User Name Attributes : uid
    Change Log Block Size: 100
    Password Hash Algorithm : SSHA
  8. Click on tab Capabilities.
  9. Check needed capabilities as shown at Connector instance configuration.
  10. Click on Save button.

Configure LDAP resource

  1. Click on the Resources tab.
  2. Click on the Resources sub-tab.
  3. Click on Create new Resource button (configuration modal page appears).
  4. Click on Resource Details tab.
  5. Choose from the list the correct Connector instance name.
  6. Provide the following information
    Name: Ldap demo
    Connector: Ldap demo connector
  7. Click on Schema Mappings tab.
  8. Click on Add button to insert attributes mapping.
  9. Provide Account Link: 'uid=' + username + ',o=isp'
  10. Click on Save button.
Schema mapping

Internal mapping types

Internal mapping

External Attributes

Mandatory condition

Account Id