Cloud LDAP for Zoho Directory

What is LDAP?

Cloud LDAP in Zoho Directory enables organizations to utilize LDAP (Lightweight Directory Access Protocol) for authentication and user management, eliminating the need to maintain an on-premises LDAP server. By using Zoho’s cloud-based infrastructure, admins can integrate Zoho Directory with LDAP-compatible applications and services, making it easier to manage user identities and control access securely.

This eliminates the hassle of managing physical directory servers while still giving you the flexibility of traditional LDAP. Cloud LDAP is especially useful for those who want:

A single source of truth for all users and credentials.
Easy integration with LDAP-supported applications like Linux systems, Atlassian Jira, OpenVPN, printers, and more.
Secure authentication over the cloud (LDAPS).

What is a service account?

A service account in Cloud LDAP is an account created in Zoho Directory solely for enabling applications to connect to the directory and perform authentication and directory lookup operations in a secured way. It is used by applications or services (like Jira and VPN servers) to bind to Cloud LDAP. In LDAP terms, this is usually the BindDN (distinguished name) + password that the application uses.To set up and manage Cloud LDAP, you'll first need to add LDAP clients to Zoho Directory (eg., printers, Atlassian Jira), configure access permissions for each client, and connect them to the Cloud LDAP service.

Prerequisites

Zoho Directory account with admin privileges
Cloud LDAP enabled in your Zoho Directory admin console
Users already added or synced to your Zoho Directory account

Add LDAP clients

Sign in to Zoho Directory, then click Admin Panel in the left menu.
Go to LDAP in the left panel, if not configured, click Configure LDAP. If already configured, click Add LDAP Client in the Clients tab.
Under LDAP client name field, enter a name (for example, Printer).
Under BindDN service account, if not added already, click Add service account. Enter a username for the service account, copy the generated password, and then click Save.
You'll need the generated password when connecting your client to the Secure LDAP service, so make sure to save it. Otherwise, you will have to regenerate a new password.
Now, select from the added accounts and click Save and Next.

Configure access permissions and attributes

The access permissions page will automatically be displayed once you have added an LDAP client. It determines how applications interact with your directory and what data can be accessed. It has two sections:

User Authentication - This setting allows the admins to restrict which users are allowed to authenticate via Cloud LDAP. In other words, only the users with LDAP permissions can authenticate successfully. This operation is read-only, so the application cannot modify the user credentials in Zoho Directory.
Read User Information - This setting specifies which attributes of the user the LDAP client can access to retrieve user information. You can choose the attributes you want to expose via Attribute mapping in Zoho Directory.

To include users that an LDAP client can access to verify the user credentials, tick the checkbox Verify user credentials.
Tick the checkbox Read user information to select the attributes that the LDAP client can have access to.
Select one from the available LDAP attributes and click Save and Next.
To add a custom attribute, go to the Attributes tab, click Manage Attributes.
Click Add Attribute. Enter an attribute name.
For Field value, select from the profile fields or enter a hardcoded value. Then, click Add. You can select the custom-added attribute on the permissions page.

Assign members

Once you've added LDAP client and configured permissions for it, you can now assign members to each client.

In the Summary page, click Assign Members at the bottom page to assign users to the client.
Under Choose Users, click to either select users manually or attach file.
After selecting, click Assign.

Add a service account

Under LDAP section, go to Service Accounts tab.
Click Add Service Account.
Enter a username for the service account, copy the generated password, and then click Save.

You'll need the generated password when connecting your client to the Secure LDAP service, so make sure to save it. Otherwise, you will have to regenerate a new password.

Delete a service account

Under LDAP section, go to Service Accounts tab.
Hover over the required service account, and click Delete.

If the service account is mapped to clients, you'll have to dissociate the clients from the service account to delete.

Edit access permissions

Sign in to Zoho Directory, then click Admin Panel in the left menu.
Go to LDAP, and click Clients tab.
Click on the required client from the list, click Edit, and then click Save and Next.
Tick or untick the access permissions checkbox based on your preference.

Edit LDAP client details

Go to Clients tab, and hover over the required client name.
Click , then click Edit.
Edit the necessary details on the page and click Save and Next.

Deactivate/ Delete LDAP client

Go to Clients tab, and hover over the required client name.
Click , then click Deactivate.
To delete a client, click Delete. Once deleted, you can no longer retrieve the client's information.

Connect LDAP clients to the Cloud LDAP service

Before connecting your LDAP client to the Cloud LDAP service, make sure you have added your client to Zoho Directory as a LDAP server, configured access permissions, and optionally generated access credentials.

Depending on the type of client, there are different instructions for connecting them to the LDAP service.

To begin, open the LDAP client's authentication or directory settings and enter the necessary details listed below. Alternatively, you can find them in the Info tab > LDAP > Admin Panel.

Hostname	ldap.zoho.com
Ports	389 for LDAP port (StartTLS enabled) 636 for LDAPS port (SSL/TLS enabled)
Base DN	Your domain in DN format (LDAP client base DN) dc=zohodirectory, dc=com for zohodirectory.com
Username and password	For LDAP clients that require a username and password, use the username and saved password from when you created a service account while adding the LDAP client to Zoho Directory.

For encryption between the client and LDAP server, LDAPS is preferred. But, if you choose to use LDAP, it is necessary to enable StartTLS for security purposes.

LDAP-supported operations

Below are some of the supported operations to ensure smooth and safe access to directory information:

1. Request Rate Limit
- Up to 4 Requests Per Second:

Each user or application can send a maximum of 4 LDAP requests every second. Avoid sending too many requests in a short time to prevent connection issues.

2. Connection Time Limit
- Each Connection Can Stay Open for Up to 1 Minute:

Any LDAP connection you make to the service can last a maximum of one minute before it is closed automatically. This helps keep the system efficient and stable.

3. Concurrent Connection Limit
- Maximum of 100 Connections at the Same Time:

The service supports up to 100 simultaneous connections from all users or apps combined.

4. Supported LDAP Operations
bind: Log in to the directory to prove your identity.

unbind: Log out to close your session cleanly.

search: Look up information stored in the directory (like users, groups, or devices).

extended operations: Includes:

StartTLS: A way to encrypt the connection, keeping your data safe while it’s sent over the network.
Who Am I?: Lets you check which user or application you’re currently authenticated as.

Below are the links to configuration instructions for a few LDAP clients. Otherwise, you can refer to the documentation of the relevant client.

Certain LDAP clients, such as Atlassian Jira and SSSD, perform a user lookup to get more information about a user during user authentication. To make sure user authentication works correctly for such LDAP clients, you'll need to turn on Read user information for all organizational units where Verify user credentials is turned on.

Apache Directory Studio

Atlassian Jira

Cloudbees Core / Jenkins

OpenLDAP/ ldapsearch (Linux)

SSSD (Red Hat Enterprise and CentOS)

SSSD (other Linux distributions)

OpenVPN (community version)

OpenVPN Access Server (commercial version)

macOS

Create. Review. Publish.

Write, edit, collaborate on, and publish documents to different content management platforms.

Get Started Now

Access your files securely from anywhere

Zoho CRM Training Programs

Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

Redefine the way you work

with Zoho Workplace

Start your free trial

Zoho DataPrep Personalized Demo

If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

Create, share, and deliver

beautiful slides from anywhere.

Get Started Now

Zoho Sign now offers specialized one-on-one training for both administrators and developers.

BOOK A SESSION

Zoho Workerly Home
Forums
Connect With Us:

Zoho Recruit Home
Forums
Connect With Us:

Start tracking your website metrics today

Use PageSense to understand what your visitors are looking for, how they are behaving, and where they are facing problems on your website.

Ready to improve your website's performance?

Install the PageSense code snippet on your site in a matter of minutes and start collecting in-depth data about the website visitors to grow your business.

Track and measure every business goal

Set up goals in PageSense to measure every single action performed by visitors on your website like button or link clicks, form submissions, and page engagements.

Understand the customer journey on your website

Create funnels in PageSense to quickly see which pages visitors use to enter your website, where they navigate to next, and which pages they decide to leave without converting.

Visualize your visitor's behavior with color codes

Set up heatmaps in PageSense to see where users have clicked more, how far they've scrolled, and on which parts of a page they've spent the most time using color-coded patterns in reports.

Measure customer engagement with your web forms

Use form analytics in PageSense to see how people interact with different fields in your form, whether they complete the form successfully or not, and where exactly they drop out on your form.

Record real visitor interactions on your website

Use session recordings in PageSense to watch a video of all the visitor actions performed on your website including the pages they navigate, the buttons they click, the UX issues they face, and more.

Test and optimize webpages for better conversions

Run A/B or Split URL tests in PageSense to figure out which version of your web page works best for your business and results in the best conversion rate.

Give each customer a unique website experience

Use personalization in PageSense to deliver customized versions of your website for every individual customer based on their demographics, local weather, browsing history, and more.

Grow your business through customer feedback

Run polls on your website using PageSense to understand what your customers think about your products/services and what needs improvement on your site.

Send timely updates that customers love

Use web push notifications in PageSense to schedule and notify your customers about an upcoming flash sale, product releases, promotional coupons, and a lot more that can spark conversions on your website.

Advertise your business to website visitors

Use pop-ups in PageSense to instantly grab the attention of visitors by showing attractive signup offers, coupon code discounts, or email newsletters that can eventually convert them into subscribers.

Access more advanced settings in PageSense

Use PageSense's advanced features like creating mutually exclusive groups, enabling cross-domain tracking, configuring customized project JS, and more to get deeper insights about your website.

Try easy-to-use extensions

Download the PageSense extension app available for your web browser with a few clicks and start collecting all of your required website metrics in real time.

Discover your favorite integrations with PageSense

Get a deeper look at your website's data by seamlessly integrating PageSense with a host of popular third-party apps like Google Analytics, Mixpanel, Intercom, and more.

Quick Links	Workflow Automation	Data Collection
Web Forms	Enterprise	Online Data Collection Tool
Embeddable Forms	Banking	Begin Data Collection
Interactive Forms	Workplace	Data Collection App
CRM Forms	Customer Service	Accessible Forms
Digital Forms	Marketing	Forms for Small Business
HTML Forms	Education	Forms for Enterprise
Contact Forms	E-commerce	Forms for any business
Lead Generation Forms	Healthcare	Forms for Startups
Wordpress Forms	Customer onboarding	Forms for Small Business
No Code Forms	Construction	RSVP tool for holidays
Free Forms	Travel	Features for Order Forms
Prefill Forms	Non-Profit
Intake Forms	Legal	Mobile App
Form Designer	HR	Mobile Forms
Card Forms	Food	Offline Forms
Assign Forms	Photography	Mobile Forms Features
Translate Forms	Real Estate	Kiosk in Mobile Forms
Electronic Forms
Drag & drop form builder
Notification Emails for Forms	Alternatives	Security & Compliance
Holiday Forms	Google Forms alternative	GDPR
Form to PDF	Jotform alternative	HIPAA Forms
Email Forms	Formstack alternative	Encrypted Forms
	Wufoo alternative	Secure Forms
		WCAG

Quick Links

New to Zoho Writer?

Signup Now

Zoho Writer

What's new

Help Guide

Blogs

Forums

Webinars

API

Developers

Build Extensions

Create. Review. Publish.

Write, edit, collaborate on, and publish documents to different content management platforms.

Get Started Now

Zoho Campaigns Resources

Campaigns Community Learning Series

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

Zoho Pagesense Resources

You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.

New to Zoho Survey?

Access Zoho Survey

Latest Feature Updates

Explore our Pricing & Plans

Zoho Survey Resources

Android Mobile Surveys

Insurvey Blogs

Insight Blogs

Tips & Tricks

New to Zoho Social?

Manage your brands on social media

Access Zoho Social

Desk Community Learning Series
Digest
Functions
Meetups
Kbase
Resources
Glossary
Desk Marketplace
MVP Corner
Word of the Day
Ask the Experts

Zoho Sheet Resources

New to Zoho Forms?

Latest Feature Updates

Explore our Pricing & Plans

Zoho Forms Resources

Secure your business

communication with Zoho Mail

Get started

Mail on the move with

Zoho Mail mobile application

Go Mobile

Stay on top of your schedule

at all times

Get started

Carry your calendar with you

Anytime, anywhere

Get started

Latest Announcements

New to Zoho Sign?

Zoho Sign Resources

Sign, Paperless!

Sign and send business documents on the go!

Get Started Now

Zoho SalesIQ Resources

New to Zoho TeamInbox?

Zoho TeamInbox Resources

Connect with us

New to Zoho ZeptoMail?

LEARN MORE

Latest Feature Updates

Zoho DataPrep Resources

New to Zoho DataPrep?

Access Zoho DataPrep

Zoho DataPrep Demo

Get a personalized demo or POC

Design. Discuss. Deliver.

Create visually engaging stories with Zoho Show.

Get Started Now

New to Zoho Workerly?

Access Zoho Workerly

New to Zoho Recruit?

Access Zoho Recruit

New to Zoho CRM?

Signup Now

Access Zoho CRM

Latest Feature Updates

New to Zoho Projects?

Access Zoho Projects

New to Zoho Sprints?

Access Zoho Sprints

New to Zoho Assist?

Access Zoho Assist

New to Bigin?

Signup Now

Access Bigin

Latest Feature Updates

Related Articles
Import users to Zoho Directory from other cloud identity solutions
Transferring user information from one identity provider to another can be tedious, and requires utmost care and effort, since even one mistake can lead to data breaches or loss. Zoho Directory provides you with different ways to import your users. ...
Zoho Directory Sync Tool - Troubleshooting
Prerequisites Roles required to perform this action: Organization Owner Organization Admin Troubleshooting This document contains error messages you may encounter when you're setting up and using the Zoho Directory Sync Tool, and the methods to ...
Add OneLogin to Zoho Directory
Prerequisites Roles required in Zoho Directory to perform this action: Organization Owner Organization Admin Role required in OneLogin: Admin Plan required in Zoho Directory: Free plan Professional plan (if you want to add multiple directories) In ...
Import users from Okta to Zoho Directory
If you are currently using Okta as your cloud directory service to store your organization data, you can easily import your users to Zoho Directory. For exporting users from Okta, Okta prescribes a Chrome browser extension called rockstar. Export ...
Import users from CyberArk to Zoho Directory
If you are currently using CyberArk as your cloud directory service to store your organization data, you can easily import your users to Zoho Directory. Export users from CyberArk Sign in to your CyberArk Admin Portal. In the left menu, click Reports ...