Microsoft Active Directory
Connect Zluri with Microsoft Active Directory
Microsoft Active Directory (AD) is an identity management service that stores information about users, groups, and devices in a centralised directory. It enables organisations to manage authentication, enforce security policies, and control access to network resources efficiently.
🤝Zluri + Microsoft Active Directory
Zluri seamlessly connects with your on-premises Active Directory to help you discover, manage, and secure user access across your organisation.
With this integration, you can:
- Automatically discover all users and groups in your AD.
- Keep your Zluri user inventory always up to date with real-time syncs.
- Build onboarding and offboarding workflows that directly reflect your AD structure.
Connecting Zluri to your on-premises Active Directory is simple and secure using the Zluri Directory Agent — a lightweight, Docker-based service deployed on your internal network with a full Web UI for configuration.
You'll:
- Set up in Zluri — Select scopes, name your agent, and get an installation token.
- Deploy via Docker — Load the Docker image and start the connector on a server within your network.
- Create an account & register — Access the Web UI, create an admin account, and register the agent using the installation token.
- Add a Directory Connection — Configure your AD server details (host, port, SSL, credentials) and set up search bases, access control, and attribute fetching.
- Configure the Zluri Integration — Map AD attributes to Zluri fields, set sync schedules, and start syncing users, groups, and OUs automatically.
🐞**Troubleshooting**
Problems connecting? Find solutions to most common integration issues in our troubleshooting document.
Architecture
The Zluri AD Connector uses an outbound-only communication model. It sits within your intranet, connects to your Active Directory via LDAP/LDAPS, and periodically polls Zluri's cloud servers over HTTPS to check for tasks and push sync data. No inbound firewall rules are required.
How it works:
- Zluri Servers ←(HTTPS Polling)← Zluri AD Connector →(LDAP/LDAPS)→ Active Directory
- The connector runs as a Docker container with an internal database, accessible via a secure Web UI on HTTPS (default port 5001).
- It only makes outbound calls — polling Zluri every few minutes for pending tasks and executing them against your AD.
Configuration Options
The Zluri Directory Agent provides a Web UI (accessible at https://<HOST>:<PORT>) with four main sections:
- Dashboard — Monitor agent health, registration status, heartbeat, and polling time.
- Directory Connections — Configure your AD server connection (host, port, SSL/TLS, Bind DN, credentials), search bases with access control (Read-Only / Read-Write), include/exclude filters, and LDAP attributes to fetch.
- Zluri Integrations — Map AD attributes to Zluri fields (e.g., userPrincipalName → Work Email, sAMAccountName → Display Name), set sync frequency and full sync schedules, and configure notification emails.
- Logs — View agent activity and troubleshoot issues.
System Requirements
| Requirement | Specification |
|---|---|
| CPU Cores | 8 Core (minimum 4 Core) |
| RAM | 16 GB |
| Storage | 100 GB |
| Operating System | Any OS — Linux, Windows, or macOS (Docker required) |
| Docker | Docker 20.10+ with Docker Compose v2 (or v1) |
| Internet Connectivity | Yes (outbound HTTPS to Zluri servers) |
| Ports Required | Default 5001 or configured port (TCP) |
| LDAP Connectivity | Network access to your AD server on port 389 (LDAP) or 636 (LDAPS) |
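
A preflight check for the connector host, built from the requirements table above. This is an added example, not part of Zluri's documentation or tooling. The function names and the variables AD_HOST, AD_PORT and AD_CA_FILE are assumptions of the example, and the certificate check assumes OpenSSL 1.1.0 or later.

```shell
# Preflight for the connector host. Thresholds come from the requirements table;
# AD_HOST, AD_PORT and AD_CA_FILE are names chosen for this example.

# version_ge A B: succeed when dotted version A >= B, compared numerically per field.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# cores_verdict N: "ok" at the recommended 8 cores, "minimum" at 4-7, else "fail".
cores_verdict() {
    if [ "$1" -ge 8 ]; then echo ok
    elif [ "$1" -ge 4 ]; then echo minimum
    else echo fail; fi
}

# ldap_transport PORT: transport the table associates with the port.
ldap_transport() {
    case "$1" in
        636) echo ldaps ;;
        389) echo ldap ;;      # no TLS on connect
        *)   echo unknown ;;
    esac
}

# ldaps_cert_ok HOST PORT CAFILE: TLS handshake with chain and hostname checks.
ldaps_cert_ok() {
    openssl s_client -connect "$1:$2" -CAfile "$3" -verify_hostname "$1" \
        -verify_return_error </dev/null >/dev/null 2>&1
}

preflight() {
    rc=0
    ver=$(docker version --format '{{.Server.Version}}' 2>/dev/null) || ver=0
    version_ge "$ver" 20.10 || { echo "FAIL docker $ver is older than 20.10"; rc=1; }
    [ "$(cores_verdict "$(getconf _NPROCESSORS_ONLN)")" != fail ] || { echo "FAIL fewer than 4 CPU cores"; rc=1; }
    if [ "$(ldap_transport "$AD_PORT")" = ldaps ]; then
        ldaps_cert_ok "$AD_HOST" "$AD_PORT" "$AD_CA_FILE" \
            || { echo "FAIL LDAPS certificate check for $AD_HOST:$AD_PORT"; rc=1; }
    else echo "WARN port $AD_PORT is not 636; confirm the bind is protected by TLS"; fi
    return $rc
}
# Runs only when a target is given, e.g. AD_HOST=dc01.corp.example AD_PORT=636 AD_CA_FILE=ca.pem
if [ -n "${AD_HOST:-}" ]; then preflight; fi
```

The version comparison is numeric per field, so 20.9 is correctly treated as older than 20.10.
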
Got questions? Feel free to submit a ticket or contact us directly at [email protected].
