This plugin allows us to integrate CrushFTP with your LDAP server, such as the Microsoft Active Directory server, or OpenLDAP, etc.

The settings can br grouped into three major sections, based on functionality:

!Connectivity and user lookup

[attachments|Clipboard01.png]

__LDAP server URL, fully qualified user name and password__ of an LDAP account used for queries; the account needs read only access on the full LDAP tree. 
The plugin supports __referral chasing__, in case of multiple forests with trust relationship between, can allow this by setting the __Follow referrals__ option.
To use a secure LDAP (__ldaps://__) URL, set either the __Accept any SSL certificate__ option or import the LDAP server public certificate into the Java trust store, __cacerts__.

__Search base location__ needs to be pointed to the root of the LDAP tree or full path to some container OU. LDAP objects outside this path will not be visible to the plugin.

__Search filter__ needs to be some unique LDAP attribute name, like __sAMAccountName__ for plain username or __userPrincipalName__ for the user FQDN as allowed username format. We can also automatically round robin between these if the __On login, make two attempts...__ option is enabled. This field also allows more complex LDAP filter expressions , an example for enabled user accounts only
{{{
(&(objectClass=user)(objectCategory=person)(sAMAccountname=?)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
}}}