Active Directory (LDAP Discovery)
The preferred method of user synchronization is via LDAP Discovery using Sentinel Messaging’ Active Directory connector module. This allows the Sentinel Messaging Platform to import:
- Active users (including both primary email address and user aliases)
- Distribution lists
- Security groups (both standard and mail enabled)
- Public folders
To configure Active Directory connection settings:
- Click on the Company Settings tab.
- Click on the Import Users tab.
- Choose the default privileges type for new users.
End User: Receive the quarantined digest and can login to the Sentinel Messaging user interface.
Silent User: Receive the quarantine digest and are not granted access to login to the Sentinel Messaging user interface.
- Enter Active Directory URL.
- Enter Username.
- Enter Password.
- Enter BaseDN.
For example, DC=mycompany,DC=local
The Active Directory configuration is stored in the customer creation process and is executed by the administrator once the customer has been created. Active Directory sync requires the customer to allow Sentinel Messaging to access the environment over Port 389. Connections are over TLS. Please refer to the Sentinel Messaging Support Knowledge Base for the current list of Sentinel Messaging IP addresses.
- Choose What to Sync.
- Active Users (Users with mailboxes).
- Disabled User Accounts.
- Functional Accounts (Mail-enabled objects such as Public Folders).
- Security Groups.
- Include items hidden from the GAL (Global Address List).
- Choose How to Sync.
- Add (Add new user objects found to Sentinel Messaging).
- Sync Updated Accounts (update details for previously synched accounts).
- Delete Removed Accounts (remove accounts from Sentinel Messaging if no longer present in Active Directory).
- Sync Every 24hrs (Perform sync automatically every 24 hours).
- Click Save.
- We only support the use of one (1) OU.
- Disabled User Accounts, when created or synced, these are labeled as “Not Active.”
At the end of this process you will have saved your Active Directory Connection details. If you have selected to sync data every 24 hours the system will perform the sync automatically. If not you will need to force the sync process.
To sync Active Directory:
- Click on the Users & Groups tab.
- Click on the Active Directory sync tab.
- Click Search.
Review the returned results.
- Click Execute.