- Introduction
- Installation
- Getting Started
- Setup the Environment
- Setup the UKG Pro Connection
- Setup the Active Directory Connection
- Delegation of Control
- Setup Rules
- Link (Identity Match)
- Employee Filter
- Auto Provision
- Auto Provision Conditions
- User Logon Name
- User Logon Name Suffix
- Password
- Password Never Expires
- Setup Mappings
- Field Mappings
- Enable Account
- Container
- Network Access Permission
- Custom Attributes
- Group Mappings
- Working with Expressions
- String Expressions
- Bool Expressions
- Quick Expressions
- Working with Conditional Expressions
- Working with Constants
- Ignore Constant
- IsInsert Constant
- IsUpdate Constant
- IsDisable Constant
- Auto Constant
- Special Methods
- Supported Fields
- Person (UKG)
- Employment (UKG)
- Job (UKG)
- Location (UKG)
- Org Level 1 to 4 (UKG)
- Project (UKG)
- Platform Configuration (UKG)
- User (Active Directory)
- Sending Email to UKG Pro
- Notifications
- Detecting Changes
- SMTP Settings
- Scheduling
- Viewing the Logs
- Activate a License
- Security
- Introduction
- Installation
- Getting Started
- Setup the Environment
- Setup the UKG Pro Connection
- Setup the Active Directory Connection
- Delegation of Control
- Setup Rules
- Link (Identity Match)
- Employee Filter
- Auto Provision
- Auto Provision Conditions
- User Logon Name
- User Logon Name Suffix
- Password
- Password Never Expires
- Setup Mappings
- Field Mappings
- Enable Account
- Container
- Network Access Permission
- Custom Attributes
- Group Mappings
- Working with Expressions
- String Expressions
- Bool Expressions
- Quick Expressions
- Working with Conditional Expressions
- Working with Constants
- Ignore Constant
- IsInsert Constant
- IsUpdate Constant
- IsDisable Constant
- Auto Constant
- Special Methods
- Supported Fields
- Person (UKG)
- Employment (UKG)
- Job (UKG)
- Location (UKG)
- Org Level 1 to 4 (UKG)
- Project (UKG)
- Platform Configuration (UKG)
- User (Active Directory)
- Sending Email to UKG Pro
- Notifications
- Detecting Changes
- SMTP Settings
- Scheduling
- Viewing the Logs
- Activate a License
- Security
Setup the Active Directory Connection
Connect to AD communicates directly with Active Directory by using a user account that is setup to read, create and update user records in Active Directory.
We will need to enter a valid user account into Connect to AD.
Connect to AD can work with either containers or org units within the LDAP tree structure.
A valid LDAP connection string is required to target either the root of the domain or a specific LDAP container within the domain.
Here are examples of valid LDAP connection strings:
Bind to a domain on the server.
Bind to the Sales org unit on a server.
Bind to the Users container on a server.
Bind to a server.
Bind to a server using a fully qualified DNS server name.
Bind to a server using an IP address.
Bind to a server using the specific port number.
If you are unsure about which LDAP container to target you can browse the existing containers using the Active Directory users and computers app.
Active Directory Users and Computers > Select Container > View Properties > Attribute Editor > distinguishedName
The containers distinguishedName property will provide you with LDAP domain components (DC) and container (OU or CN) which make up the parts of the LDAP connection string.
Next we will enter the Active Directory connection details. Remember that we need to provide a user account that is setup to read, create and update user records in Active Directory.
After entering the connection details, you can check if the connection is valid by clicking on the Check Connection button. This action will ping Active Directory and validate the required communication with Active Directory.
If you run into any issues during this process, please check our support area for additional guidance.
We are here to help you.