
Importing Users From Directory Services (AD/LDAP)

UniFi streamlines user management for large organizations by integrating with Active Directory, Microsoft Entra, LDAP, Google Secure LDAP, and JumpCloud LDAP. This integration pairs perfectly with UniFi’s license-free Identity Endpoint software, allowing for efficient user management across your organization.

Required: Enable Identity Endpoint

To integrate a directory service, you must enable Identity Endpoint.

Identity Endpoint is UniFi’s free solution for easy IT user management. After integration, managing users through Identity Endpoint is optional, though we recommend it for its simplicity.

To learn more about Identity Endpoint, including how to enable it, click here.

Integration Methods

Microsoft Entra

For information on Microsoft Entra integration, click here.

Active Directory

  1. Prerequisites: Ensure you have network connectivity to the AD server and appropriate admin credentials.
  2. Setup Steps:
    • Navigate to Settings > User Directory > Add Directory.
    • Select Active Directory and provide server details, including domain and credentials.
    • Configure user and group mappings.
    • Test the connection and save.
  3. Syncing: Occurs on a scheduled basis or via manual sync.

Google Secure LDAP

  1. Prerequisites: Enable Secure LDAP in your Google Admin Console.
  2. Setup Steps:
    • Download the LDAP credentials file from Google Admin.
    • Navigate to Settings > User Directory > Add Directory and select Google Secure LDAP.
    • Upload the credentials file and configure group mappings.
    • Test the connection and save.
  3. Syncing: Automatically syncs based on the configured schedule.

JumpCloud LDAP

  1. Prerequisites: Ensure your JumpCloud account has LDAP enabled.
  2. Setup Steps:
    • Obtain the LDAP service URL, Bind DN, and password from JumpCloud.
    • Navigate to Settings > User Directory > Add Directory and select JumpCloud LDAP.
    • Enter the service details and map groups as needed.
    • Test the connection and save.
  3. Syncing: Supports periodic syncs or manual triggers.

LDAP

  1. Prerequisites: Ensure your LDAP server is accessible and configured with proper credentials.
  2. Setup Steps:
    • Navigate to Settings > User Directory > Add Directory.
    • Select LDAP and provide the required details:
      • Server URL
      • Base DN
      • Bind DN and password
    • Test the connection and save.
  3. Syncing:
    • Configure sync frequency (e.g., daily or manual).
    • Map LDAP groups to UniFi roles for seamless access management.

Syncing and Group Settings

Sync Frequency

Syncing is fully automated and occurs at regular intervals (e.g., daily) to ensure up-to-date user information from your directory service. 

Metadata and Group Assignments

During each sync, user metadata—including group memberships—is imported. Admins can control which groups to import and map them to UniFi roles. For example, a user may belong to multiple groups, such as “Door Access Chicago” or “VPN New York,” with permissions applied based on their external directory assignments.
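The group-to-role mapping described above can be previewed offline before a sync is enabled, to see which users would receive which roles and which directory groups are left unmapped. This is an added example, not UniFi's own code: it reads a constructed LDIF export, assumes the directory exposes a memberOf attribute on user entries, and uses hypothetical role names.

```python
import re

# Constructed LDIF export (sample data, not from a real directory).
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
uid: alice
memberOf: cn=Door Access Chicago,ou=groups,dc=example,dc=com
memberOf: cn=VPN New York,ou=groups,dc=example,dc=com

dn: uid=bob,ou=people,dc=example,dc=com
uid: bob
memberOf: cn=Contractors,ou=groups,dc=example,dc=com

dn: uid=carol,ou=people,dc=example,dc=com
uid: carol
memberOf: cn=VPN New York,ou=groups,
 dc=example,dc=com
"""

# Hypothetical mapping of imported directory groups to role names.
GROUP_TO_ROLE = {
    "Door Access Chicago": "door-chicago",
    "VPN New York": "vpn-nyc",
}

def parse_ldif(text):
    """Return {uid: [group CNs]}; unfolds LDIF continuation lines."""
    text = re.sub(r"\n ", "", text)  # RFC 2849: a leading space continues the line
    users = {}
    for entry in text.strip().split("\n\n"):
        attrs = {}
        for line in entry.splitlines():
            key, _, value = line.partition(": ")
            attrs.setdefault(key.lower(), []).append(value)
        if "uid" in attrs:
            # Take the leading CN of each group DN (escaped commas not handled).
            cns = [re.match(r"cn=([^,]+)", g, re.I) for g in attrs.get("memberof", [])]
            users[attrs["uid"][0]] = [m.group(1) for m in cns if m]
    return users

def preview(users, mapping):
    """Roles each user would receive, plus directory groups with no mapping."""
    roles = {u: sorted(mapping[g] for g in gs if g in mapping) for u, gs in users.items()}
    unmapped = sorted({g for gs in users.values() for g in gs if g not in mapping})
    return roles, unmapped

if __name__ == "__main__":
    print(preview(parse_ldif(SAMPLE_LDIF), GROUP_TO_ROLE))
```

A user whose groups are all unmapped, such as bob in the sample, ends up with an empty role list, which makes accounts that would be imported without any access easy to spot.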

Removing Directory Integration

To remove a directory integration:

  1. Navigate to Settings > User Directory.
  2. Select the directory you want to remove and click Delete Integration.
  3. Confirm the action.

Note: Previously synced users and groups will remain in the system until manually removed.
