Adding an AD Global Catalog as an LDAP Target Manually

LDAP targets can also be used to integrate Ekran System with all the domains (and subdomains) within an Active Directory forest, by adding a global catalog as a single LDAP target, so that each domain in the AD forest does not need to be added as a separate LDAP target.

To add a new global catalog LDAP target, do the following:

1. Log in to the Management Tool as a user with the administrative Database Management permission.

2. Click the Configuration (

3. On the Configuration page that opens, select the LDAP Targets tab, and then click the Add button (at the top of the page).

4. On the Add LDAP Target page, define the following parameters:

• LDAP Path: Enter the LDAP path for the domain controller server with a global catalogue role that you want to connect to the domains of, in the following format:

GC://<Fully-qualified domain name or IP address of a domain controller server with a global catalog role>

e.g. for the root.com domain on the DC-ROOT domain controller server with a global catalogue role, enter the following:

GC://DC-ROOT.EKRAN.LOCAL

NOTE: The default port for LDAP connections is 3268, but a different port can be specified by adding it at the end of the LDAP Path, separated by a colon.

• Domain NetBIOS Name: Click the Try to Resolve button on the right of this field, and the NetBIOS name of the domain controller server with a global catalog role that you want to connect to should be found (otherwise it can be entered manually).

e.g. ROOT

• User: Enter the user name of an existing AD user belonging to the domain controller server with a global catalogue role, that you want to connect to.

• Password: Enter the password for the user account.

5. The new AD global catalog LDAP target is then added to the list of LDAP targets displayed in the grid (on the LDAP Targets tab).

6. AD users from the global catalog LDAP target added, can now be searched for and selected when adding an AD user (on the User Management page).