Evoko Home introduces a basic LDAP integration in order to make it easier for system administrators to import users from their existing environment to Evoko Home.
The integration requires a LDAP v3 compliant directory and currently has been tested with Microsoft Active Directory and Apache DS.
Table of contents
- Import users via LDAP
- Scheduled LDAP import
- The future of Evoko Home LDAP integration
Import users via LDAP
Under the Users tab in Evoko Home click Import followed by Import from LDAP.
This should prompt a form which contains the below values.
||Domain name or IP address to the LDAP server.|
||Server port to connect on.
||Checkbox to disable the use of TLS e.g. for non-secure LDAP connections on port
||LDAP user (e.g.
||Password for the above mentioned LDAP user.|
||Defines the directory base from which the LDAP search begins, for example
||Tells Evoko Home which LDAP attribute contains the RFID information.|
||A search filter which will be applied within the defined LDAP search Base. The default value is
Fill out server, port, username and password, then click Check Connection. If the connection is successful, fill out the rest of the information and click Import to initiate.
If successful a prompt with results should be displayed, otherwise it should throw an error.
Scheduled LDAP import
Under the Users tab, click Import, then Scheduled Import:
Switch to the LDAP tab, click Activate Update and enter the LDAP server credentials. Then click Check connection, and fill in the rest of the details:
A short list of common pitfalls when configuring LDAP import in Evoko Home.
- If you're seeing an
Error 500: Read ECONNRESET, try changing port to 389 and disable TLS.
- If you get an
AcceptSecurityContexterror, please see the below table to find the reason:
Error code Message 525 User not found 52e Invalid credentials 530 Not permitted to logon at this time 531 Not permitted to logon at this workstation 532 Password expired 533 Account disabled 701 Account expired 773 User must reset password 775 User account locked
- The 52e - Invalid credentials message might mean the username is not formatted according to expectations. Try changing to
- If you're not seeing all of the expected users, double check your search base, make sure the users are valid and have an email address set (which is required). Also try to expand your LDAP filter to be more inclusive. For more information on LDAP filter syntax, please see the LDAP documentation at LDAP.com or at Microsoft.com.
The future of Evoko Home LDAP integration
We recognize that different environments require different options, and therefore we want to let you know that we do intend to keep improving the LDAP integration.
We're interested in hearing your feedback on the LDAP integration going forward and better understand the major challenges that exist out there, so please let us know your thoughts by submitting a request.