
LDAP MDM payload settings for Apple devices
You can configure LDAP settings to enable corporate directory services for users of iPhone, iPad, and Mac devices enrolled in a mobile device management (MDM) solution. Use the LDAP payload to enter settings for connecting to an LDAPv3 directory.
Note: LDAP connections don’t initiate a VPN connection; if the VPN hasn’t been established by another app, such as Safari, the LDAP lookup fails.
OS and channel | Supported enrollment types | Interaction | Duplicates |
---|---|---|---|
iOS, iPadOS, Shared iPad user, macOS user | User, Device, Automated Device | Combined | Multiple |

Setting | Description | Required |
---|---|---|
Account description | The display name for the account. | No |
Hostname | The IP address or fully qualified domain name (FQDN) of the LDAP server. | Yes |
Account user name | The user name for the LDAP account. | No |
Account password | The password of the LDAP account. If you leave this field empty, users must enter their password after the payload is installed on the device. | No |
Use SSL | When the Use SSL option is selected and the server’s SSL certificate isn’t issued by a trusted certificate authority known to the devices, use the Certificates payload to add any root or intermediate certificates that are necessary to validate the server’s SSL certificate. | No |
Search settings | Define the scope and search base for your LDAP server. | No |
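
The settings above can be checked in an exported configuration profile before it is deployed. The following is an added example, not Apple's code: it parses a profile with Python's `plistlib` and reports LDAP payloads that turn off Use SSL, embed an account password, or enable SSL without any Certificates payload in the same profile. The sample profile, host names, account names, and finding labels are constructed for illustration, and the profile is trimmed to the keys the audit reads.

```python
import plistlib

# Payload types and keys below are Apple's configuration-profile names for the
# LDAP and Certificates payloads; the finding labels are this example's own.
CERT_TYPES = {"com.apple.security.root", "com.apple.security.pkcs1"}

def audit_ldap_payloads(profile_bytes):
    """Return (account, finding) tuples for every LDAP payload in a profile."""
    payloads = plistlib.loads(profile_bytes).get("PayloadContent", [])
    has_certs = any(p.get("PayloadType") in CERT_TYPES for p in payloads)
    findings = []
    for p in payloads:
        if p.get("PayloadType") != "com.apple.ldap.account":
            continue
        name = p.get("LDAPAccountDescription") or p.get("LDAPAccountHostName", "?")
        if not p.get("LDAPAccountHostName"):
            findings.append((name, "missing-hostname"))   # Hostname is the only required setting
        if p.get("LDAPAccountUseSSL") is False:
            findings.append((name, "ssl-disabled"))       # Use SSL explicitly turned off
        elif not has_certs:
            findings.append((name, "no-cert-payload"))    # fine only if devices already trust the server's CA
        if p.get("LDAPAccountPassword"):
            findings.append((name, "embedded-password"))  # password is stored inside the profile
    return findings

def sample_profile_bytes(with_cert=False):
    """Constructed sample profile (hypothetical hosts and accounts)."""
    content = [
        {"PayloadType": "com.apple.ldap.account",
         "LDAPAccountDescription": "Legacy directory",
         "LDAPAccountHostName": "ldap-old.example.com",
         "LDAPAccountUseSSL": False,
         "LDAPAccountUserName": "svc-lookup",
         "LDAPAccountPassword": "constructed-placeholder"},
        {"PayloadType": "com.apple.ldap.account",
         "LDAPAccountDescription": "Corp directory",
         "LDAPAccountHostName": "ldap.example.com",
         "LDAPAccountUseSSL": True,
         "LDAPSearchSettings": [{"LDAPSearchSettingSearchBase": "ou=people,dc=example,dc=com",
                                 "LDAPSearchSettingScope": "LDAPSearchSettingScopeSubtree"}]},
    ]
    if with_cert:
        content.append({"PayloadType": "com.apple.security.root",
                        "PayloadContent": b"constructed placeholder, not a real certificate"})
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": content})

if __name__ == "__main__":
    for account, finding in audit_ldap_payloads(sample_profile_bytes()):
        print(f"{account}: {finding}")
```

A `no-cert-payload` finding is a prompt to confirm that the server's certificate chains to a certificate authority the devices already trust; it is not a failure on its own.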