LDAP Service Provider

There are features and functions used in UNUM Manager and UNUM Analytics that are common throughout the user interface (UI). Please refer to the Common Functions section for more information on the use of these functions and features.

The following example details connecting UNUM to a third-party LDAP Service Provider.


To configure UNUM to use LDAP, you need the following information in advance.

Type – Type of Authentication Service used on the domain: LDAP, AD, or possibly both.

Server URL – The LDAP server or service provider name and type of connection supported, either LDAPS (secure) or LDAP (non-secure), and the port numbers assigned to these servers, typically 636 and 389, respectively.

Base DN – The name of the base organization and domain name.

Manager DN (Distinguished Name) – The distinguished name (DN) used for the LDAP manager. This is the account that has admin-level privileges and is allowed access to the LDAP server or service provider. It may be identified by a UID (User ID) or a CN (Common Name). The Manager DN account must be a binding user within the LDAP service.

Manager Password – The password for the admin-level account.

User DN Patterns – DN patterns used for simple bind authentication. These are the groups where user accounts exist.

User Search Filter – Any search filters specific to your LDAP service provider.

LDAP Service Provider Settings

Type: LDAP

Server URL: ldap.jumpcloud.com on Port 389

Base DN: 

Manager DN: uid=admin,ou=Users,o=xxxxxxxxxxxxxxxxxxxxbfd8,dc=jumpcloud,dc=com (some data obscured for security purposes)

Password: <password>

User DN Pattern: uid={0},ou=Users

User Search Filter: (objectClass=inetOrgPerson)

Usage Note:

After the initial configuration phase, you can test the connection using the built-in UNUM test feature. However, this is only a pass/fail test and does not provide any troubleshooting information.

Pluribus Networks recommends using a third-party LDAP tool or OS commands to access and view the LDAP server or service provider to review the structure and required parameters.

OS Commands

In the following example, running the ldapsearch command on Linux or macOS returns useful information regarding the LDAP service structure.

ldapsearch -H ldap://ldap.jumpcloud.com:389 -ZZ -x -b "ou=Users,o=xxxxxxxxxxxxxxxxxxxxbfd8,dc=jumpcloud,dc=com" -D "uid=admin,ou=Users,o=xxxxxxxxxxxxxxxxxxxxbfd8,dc=jumpcloud,dc=com" -W "(objectClass=inetOrgPerson)"

Command Syntax


-ZZ - Issue the StartTLS (Transport Layer Security) extended operation and require it to succeed.

-x - Simple Authentication

-b - Base DN or Search Base starting point.

ou - Organizational Unit

o - Organization Account

dc - domain specifics

-D - Manager DN 

-W - Prompt for password

Note: To view detailed information regarding the ldapsearch command use the following command:

man ldapsearch

After entering the above command string, and if the connection is successful, enter the password associated with the account bound to the service when prompted.

In this example, the bound account is: admin

If you do not receive a prompt to enter the password or receive an error message, you will need to re-verify the LDAP settings.

A successful login displays information, as illustrated in the following example.

UNUM LDAP Configuration

After confirming the login settings, add the LDAP server or service provider to UNUM by selecting Menu Bar → → Auth Server.

The following dashboard displays when first configuring an Authentication Server if no previous servers exist.

Add Authentication Server

Click the Add Auth Server button to begin.

Enter the information for your server or service provider. 

Example Information

Type = LDAP

Server URL = ldaps

Hostname = ldap.jumpcloud.com 

Port = 636 (using a secure ldaps connection)

Base DN = o=xxxxxxxxxxxxxxxxxxxxbfd8,dc=jumpcloud,dc=com

Manager DN = uid=admin, ou=Users, o=xxxxxxxxxxxxxxxxxxxxbfd8,dc=jumpcloud,dc=com

Password = ldap_password associated with the Manager DN account

User DN Pattern = uid={0},ou=Users

User Search Filter = (objectClass=jumpcloudUser)

Click the Add button.

The new LDAP server or service provider displays in the dashboard.

Test the connection using the Test button.

Enter an LDAP user account name and the associated password and click Test. It is recommended to test with an admin-level account.

When the selected user name exists and the password is correct, UNUM returns a "success" message.

You can use any user account which exists in the LDAP service to test the connection.

If the selected user name does not exist or the password is incorrect, UNUM returns a "failed" message. 

As previously stated, this is only a pass/fail test, which does not provide any troubleshooting information.

In the event of a failure, try re-entering the user name and password. The ldapsearch command, described above, provides useful information to aid in troubleshooting.

In this example, we see the user "cool" exists in the LDAP service. 

Verify the password is correct and re-test.

When in doubt, use an admin-level account to re-verify connectivity.
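
Neither the UNUM test nor the manager-account ldapsearch shows which DN a user login actually binds as. The following added example (not part of the UNUM documentation or product) expands the User DN Pattern for a login name and attempts that bind with ldapwhoami from the OpenLDAP client tools. It assumes the pattern is relative to the Base DN; the function names are illustrative.

```shell
#!/bin/sh
# Added example, not from the UNUM documentation.
# Assumption: the User DN Pattern is relative to the Base DN and {0} is
# replaced by the login name typed into the UNUM Test dialog.

# Escape a login name as an RDN value (RFC 4514) so input such as
# "a,ou=Admins" cannot change which entry the bind targets.
escape_rdn_value() {
    printf '%s' "$1" |
        sed -e 's/[\\,+"<>;]/\\&/g' -e 's/ $/\\ /' -e 's/^[# ]/\\&/'
}

# $1 = User DN Pattern, $2 = Base DN, $3 = login name
expand_user_dn() {
    ph='{0}'
    case $1 in
        *"$ph"*) ;;
        *) echo "pattern has no {0} placeholder: $1" >&2; return 1 ;;
    esac
    user=$(escape_rdn_value "$3")
    prefix=${1%%"$ph"*}
    suffix=${1#*"$ph"}
    printf '%s%s%s,%s\n' "$prefix" "$user" "$suffix" "$2"
}

# StartTLS (-ZZ) applies only to ldap:// URLs; ldaps:// is TLS from the start.
tls_flag() {
    case $1 in
        ldaps://*) : ;;
        ldap://*)  printf '%s' '-ZZ' ;;
        *) echo "unsupported URL: $1" >&2; return 1 ;;
    esac
}

# $1 = server URL, $2 = User DN Pattern, $3 = Base DN, $4 = login name
# Example: check_user_bind ldaps://ldap.jumpcloud.com:636 \
#              'uid={0},ou=Users' '<your Base DN>' cool
check_user_bind() {
    dn=$(expand_user_dn "$2" "$3" "$4") || return 1
    flag=$(tls_flag "$1") || return 1
    echo "Binding as: $dn" >&2
    # $flag is left unquoted so an empty value adds no argument.
    ldapwhoami -H "$1" $flag -x -D "$dn" -W
}
```

An "Invalid credentials (49)" result from the bind points at the password or at the expanded DN rather than at connectivity, which the pass/fail UNUM test cannot distinguish.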




If the test fails, carefully review all settings.


Verify the Server name is resolvable. Use the IP address in place of the Server name.


If using the IP address works, verify the DNS settings and ping the server using the FQDN.

Edit LDAP Settings

Use the Cog icon and select Edit to make changes to the LDAP Server settings.

Click Update to save the revised settings.

Logging in to UNUM

After LDAP account verification is successful, log in to UNUM using LDAP credentials. In the following example, the LDAP user name is "cool".

Once logged into UNUM, the LDAP user is assigned a User Role and can view UNUM dashboards.

Note the LDAP user name (illustrated in red for example purposes).

Note: UNUM assigns LDAP accounts to a User Role, and they do not appear in the Local User Management dashboard.

LDAP User Roles: 

UNUM currently supports two roles, User and Local Admin. UNUM assigns all LDAP or AD users to the User Role in UNUM.

UNUM ignores any assigned LDAP or AD roles.

Please refer to Manage Users for more information about these roles. 

Troubleshooting Tools

There are numerous tools to aid in troubleshooting LDAP connectivity problems. 

However, first and foremost, verify all settings are correct and match your LDAP Service Provider or AD/LDAP Server requirements.

Some of the tools that exist include:

OS Tools

LDAPSEARCH - Unix, Linux, macOS

TCPDump - Unix, Linux, macOS

Windows Tools


Active Directory Explorer

Active Directory Users and Computers

Third-Party Tools

LDAP Admin (UI-based tool)

TCPDUMP for Windows

The above is not an exhaustive list and is only intended to provide several readily available options to assist in troubleshooting LDAP connectivity issues.