Product Documentation

LDAP device policy

You create an LDAP policy for iOS devices in XenMobile to provide information about an LDAP server to use, including any necessary account information. The policy also provides a set of LDAP search policies to use when querying the LDAP server.

You need the LDAP host name before configuring this policy.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

iOS settings

  • Account description: Enter an optional account description.
  • Account user name: Enter an optional user name.
  • Account password: Enter an optional password. Use this field only with encrypted profiles.
  • LDAP host name: Enter the LDAP server host name. This field is required.
  • Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
  • Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
    • Description: Enter a description of the search setting. This field is required.
    • Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
      • Base searches the node pointed to by Search base.
      • One level searches the Base node and one level below it.
      • Subtree searches the Base node, plus all its children, regardless of depth.
    • Search base: Enter the path to the node at which to start searching. For example, ou=people or 0=example corp. This field is required.
    • Click Save to add the search setting or click Cancel to cancel adding the search setting.
    • Repeat these steps for each search setting that you want to add.

macOS settings

  • Account description: Enter an optional account description.
  • Account user name: Enter an optional user name.
  • Account password: Enter an optional password. Use this field only with encrypted profiles.
  • LDAP host name: Enter the LDAP server host name. This field is required.
  • Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
  • Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
    • Description: Enter a description of the search setting. This field is required.
    • Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
      • Base searches the node pointed to by Search base.
      • One level searches the Base node and one level below it.
      • Subtree searches the Base node, plus all its children, regardless of depth.
    • Search base: Enter the path to the node at which to start searching. For example, ou=people or 0=example corp. This field is required.
    • Click Save to add the search setting or click Cancel to cancel adding the search setting.
    • Repeat these steps for each search setting you want to add.

LDAP device policy

In this article