Configuring LDAP Servers

Lightweight Directory Access Protocol (LDAP) is a protocol that allows applications to communicate and share information with directory services such as Active Directory. School Manager uses LDAP to sync across users and groups.

If you use a School Manager physical appliance, it connects to your LDAP server, downloads, and processes the requested data, then uploads the IDs to the School Manager cloud. If you are using cloud-only filtering, the LDAP processing is done directly in the cloud. Once synced, groups can be used as classrooms in Classwize and where School Manager allows custom configurations by Group.

Configuring LDAP Servers

Using LDAP servers allows you to add multiple Domain Controllers to School Manager.

1. Go to Configuration > Authentication > LDAP Servers.
2. Select Add LDAP Server.
3. Tick Enabled.
4. Tick Sync Enabled. This will sync the list of users and groups automatically between 00:00-02:00 UTC every day.

5. You can tick Sync Organization Units. If enabled, this will sync any organizational units previously set up on your server.
6. Select the Server Type using the dropdown.

7. Select the Protocol using the dropdown.

8. Enter the Server Hostname. This is the server IP address. You can also type in the hostname if internal DNS has been set up.
9. Enter the Server Port. LDAP uses Port 389
10. Enter the Base DN. This is where the server will search for users. This would normally be done at the top level (DC=) but it can also be done at a user level (OU=).
11. Enter a Username. We recommend using the following naming convention DOMAIN\username or username@DOMAIN

12. Enter the Password from your service account.
13. You have the option to change the Search Query. The default (objectClass=*) will sync users and groups.
14. Syncing by DN will maintain multiple groups with the same name.
    1. Check Sync BY DN for LDAP services.
    2. Uncheck Sync by DN if you use an eDirectory service.
15. When you are complete, select Save.

Syncing LDAP Servers

1. Select Sync All and Refresh the page. 

2. Once the sync is complete, you can see if the sync was successful under the Status section. 
3. When successfully synced, the Status column will display the number of synched users and groups.

LDAP Servers Troubleshooting

Failed to Sync, reason was Can’t contact LDAP server

Ensure the following:

• The LDAP Server is online and reachable.
• Your School Manager physical appliance is online.
• The LDAP server entry is filled out completely.
• The Server Port is set to 389.
• The IP address for the Server Hostname is complete. You can enter a hostname if you have internal DNS configured.

If all checks fail, please contact Linewize Support for further assistance.

Failed to Sync, reason was Referral 

• Ensure you have entered the correct Base DN

If this check fails, please contact Linewize Support for further assistance.

Failed to Sync, reason was Invalid credentials

• Ensure you have entered the correct username and password
• Ensure you have the correct username naming convention (DOMAIN\username or username@DOMAIN)

If all checks fail, please contact Linewize Support for further assistance.

Failed to Sync, reason was Operations error

• Ensure you have the correct username naming convention (DOMAIN\username or username@DOMAIN)
• Ensure that your Domain Controller DNS settings are configured

If all checks fail, please contact Linewize Support for further assistance.