Skip to main content
Skip table of contents

OpenLDAP - User and Profile Sync

This document will help you to add a new OpenLDAP User Source rather than an other directory sources.

📘 Instructions

This documentation will contain two main steps.

  1. Adding a User Source

  2. Configuring the Settings

Active Directory and LDAP settings are different. Please consider to use LDAP settings rather than Active Directory settings. On Monosign for version 2023.01, we need to use following configuration for LDAP.

1. Adding a User Source

Create your User Source on Monosign and select the type Active Directory / LDAP by reading the documentation.

2. Configuring the Settings

Monosign has different LDAP options. Click Settings to configure details.

When you have your page, select a different option than Microsoft Active Directory. Such as OpenLDAP, Oracle Unified Directory, or find your provider.

Example configurations

After you have finished it, please use the following options to configure it.

Domain Username and Password




Domain Ip or Host

Type your DNS or IP address



Your LDAP Port

389 for LDAP

636 for LDAPS

Use Secure Connection

Yes or No depending your settings


User Base DN

Your users Base DN


User Search Container

Your can use multiple search container for your users store.


Group Base DN

Your groups Base DN


Group Search Container

Your can use multiple search container for your groups store.


Domain Name

Your domain name


Domain UserName

Username for authentication


Domain Password

Password of the Domain UserName


Sample UserName

Username if you want healtcheck


Sample Password

Password of the Sample UserName


Use BaseDN for Authentication

Should be Yes for LDAP


These settings are enough for the first connection but not enough for filters and more. Let’s continue. The following settings are also required for Filters.

Domain Ip or Host field allows for multiple domains to be configured. You can enter domains by separating them with commas.

Manages hostnames with connection errors in Monosign via blacklist. If I have only one hostname and encounter a connection error, it is added to the blacklist immediately and will not be removed until the next restart. If there is multiple hostnames, hostname is added to blacklist for 10 minutes and during this interval the other hostnames will be used.



User Search Filter


Group Search Filter


Text Filter


Basic Text Filter


Id Filter


If you are using both uid and cn name for user, you need to change it with;


For Oracle Unified Directory


You can also use your filter settings if you know what to do. You can also use mappings to map your attributes to your Monosign Profile. On the left side, your LDAP attribute name; on the right side, it should be your Profile Property Name (without spaces).

Modify Attributes for LDAP

In Oracle Unified Directory, Modify Date and Create Date attributes differ from Active Directory. For example, in Active Directory, these attributes are whenChanged and whenCreated. And also, you need to change Password Attribute for Oracle and may also some directories too.




Create Date-Time Attribute



Modify Date-Time Attribute



Password Attribute


Example Mappings

When you click Test, you are going to see the following UI. I don’t have any Groups in my directory. That’s why one of the items seems to be different in color.

CleanShot 2024-04-29 at 13.01.59-20240429-100207.png

These settings are enough for your environment. If you want more, please talk to your support.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.