Skip to content

On Prem / Azure Hybrid Active Directory

Under the hood Hybrid (Active Directory + Azure Active Directory) uses a Lightweight Directory Access Protocol (LDAP) based authorization. By linking your account with Hire2Retire, you can authorize RoboMQ to perform operations to your Active Directory Domain Controller.

Hire2Retire product supports employee operations of onboarding, updating, termination, rehire and leave in Active Directory. Thus, the user account you use to establish the connection must satisfy one of the following criteria:

  • Belong to the security group "Domain Admin".
  • Set up delegate control of this user under the target Organization Units (OU).

Create Hybrid Connection

Hire2Retire requires the following details to create a connection.

  • Connection Name - A user defined nomenclature for your connection. By default, the connect name is "Connection-Directory Service", you can change the name as per your preferences.
  • Host - The host name is the IP address of your Active Directory Server.
  • Port - The TCP/IP port on which the Active Directory server is listening. Hire2Retire will only establish the LDAP connection with your SSL port. (The default is 636)
  • Base DN - It is a collection of objects that Hire2Retire will access within an Active Directory network. An object can be a single user, a group of users or a hardware component, such as a computer or printer. Each base DN holds a database containing object identity information. It should be given in the format "DC=example-domain,DC=com"
  • Username - The username to access the Active Directory server. Please make sure it belongs to the security group "Domain Admin" and has delegated control to target Organization Units (OU).
  • Password - The Password to access the Active Directory server.

Connection page

Figure 1. Hybrid Connection Set Up Page

Connection page

Figure 2. Hybrid Connection Set Up Page for multi-domain controller