XenMobile

LDAP device policy

You create an LDAP policy for iOS devices in XenMobile to provide information about an LDAP server to use, including any necessary account information. The policy also provides a set of LDAP search policies to use when querying the LDAP server.

You need the LDAP host name before configuring this policy.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

iOS settings

  • Account description: Enter an optional account description.
  • Account user name: Enter an optional user name.
  • Account password: Enter an optional password. Use this field only with encrypted profiles.
  • LDAP host name: Enter the LDAP server host name. This field is required.
  • Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
  • Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
    • Description: Enter a description of the search setting. This field is required.
    • Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
      • Base searches the node pointed to by Search base.
      • One level searches the Base node and one level below it.
      • Subtree searches the Base node, plus all its children, regardless of depth.
    • Search base: Enter the path to the node at which to start searching. For example, ou=people or o=example corp. This field is required.
    • Click Save to add the search setting or click Cancel to cancel adding the search setting.
    • Repeat these steps for each search setting that you want to add.
  • Policy settings
    • Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours).
      • Select date: Click the calendar to select the specific date for removal.
      • Duration until removal (in hours): Type a number, in hours, until policy removal occurs. Only available for iOS 6.0 and later.

macOS settings

  • Account description: Enter an optional account description.
  • Account user name: Enter an optional user name.
  • Account password: Enter an optional password. Use this field only with encrypted profiles.
  • LDAP host name: Enter the LDAP server host name. This field is required.
  • Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
  • Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
    • Description: Enter a description of the search setting. This field is required.
    • Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
      • Base searches the node pointed to by Search base.
      • One level searches the Base node and one level below it.
      • Subtree searches the Base node, plus all its children, regardless of depth.
    • Search base: Enter the path to the node at which to start searching. For example, ou=people or o=example corp. This field is required.
    • Click Save to add the search setting or click Cancel to cancel adding the search setting.
    • Repeat these steps for each search setting you want to add.
  • Policy settings
    • Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours).
      • Select date: Click the calendar to select the specific date for removal.
      • Duration until removal (in hours): Type a number, in hours, until policy removal occurs.
    • Allow user to remove policy: You can select when users can remove the policy from their device. Select Always, Passcode required, or Never from the menu. If you select Passcode required, type a passcode in the Removal passcode field.
    • Profile scope: Select whether this policy applies to a User or an entire System. The default is User. This option is available only on macOS 10.7 and later.
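
The settings above can be checked in an exported configuration profile before it is deployed. The following is an added example, not code from this page or from XenMobile: it assumes the policy is delivered as Apple's `com.apple.ldap.account` payload, uses that payload's key names, and runs against a constructed sample profile. The function name `audit_ldap_profile` is hypothetical.

```python
import plistlib

# Constructed sample profile, not from a real deployment. Key names are those of
# Apple's com.apple.ldap.account payload; that the policy above is delivered as
# this payload is an assumption.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
 <key>PayloadContent</key><array><dict>
  <key>PayloadType</key><string>com.apple.ldap.account</string>
  <key>LDAPAccountHostName</key><string>ldap.example.com</string>
  <key>LDAPAccountUseSSL</key><false/>
  <key>LDAPAccountPassword</key><string>constructed-secret</string>
  <key>LDAPSearchSettings</key><array><dict>
   <key>LDAPSearchSettingDescription</key><string>People</string>
   <key>LDAPSearchSettingScope</key><string>LDAPSearchSettingScopeSubtree</string>
  </dict></array>
 </dict></array>
</dict></plist>"""

SCOPES = {"LDAPSearchSettingScopeBase", "LDAPSearchSettingScopeOneLevel",
          "LDAPSearchSettingScopeSubtree"}

def audit_ldap_profile(data: bytes) -> list[str]:
    """Return findings for every LDAP payload readable in the profile."""
    findings = []
    for p in plistlib.loads(data).get("PayloadContent", []):
        if p.get("PayloadType") != "com.apple.ldap.account":
            continue
        if not p.get("LDAPAccountHostName"):
            findings.append("LDAP host name is required but missing")
        if p.get("LDAPAccountUseSSL") is not True:
            findings.append("Use SSL is not explicitly on")
        # A payload we can parse here sits in plaintext PayloadContent.
        if p.get("LDAPAccountPassword"):
            findings.append("account password stored in an unencrypted profile")
        searches = p.get("LDAPSearchSettings", [])
        if not searches:
            findings.append("no search settings: account is not useful")
        for i, s in enumerate(searches):
            if not s.get("LDAPSearchSettingDescription"):
                findings.append(f"search {i}: description missing")
            if not s.get("LDAPSearchSettingSearchBase"):
                findings.append(f"search {i}: search base missing")
            scope = s.get("LDAPSearchSettingScope")
            if scope is not None and scope not in SCOPES:
                findings.append(f"search {i}: unknown scope {scope!r}")
    return findings

if __name__ == "__main__":
    for finding in audit_ldap_profile(SAMPLE):
        print(finding)
```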