On Premise / Entra ID Hybrid Active Directory
The authorization system behind Hybrid AD (Active Directory + Entra ID) is based on the Lightweight Directory Access Protocol (LDAP). By linking your account with Hire2Retire, you authorize RoboMQ to perform operations on your Active Directory Domain Controller.
It supports employee lifecycle operations such as onboarding, offboarding, rehire, role updates and long-term leaves in Active Directory. Hence, your user account must meet one of the criteria below to create a connection:
- It should be a part of the "Domain Admin" security group.
- It should be assigned control over the dedicated Organizational Units (OUs).
Create Hybrid Connection
To establish a connection, Hire2Retire requires the details listed below.
- Connection Name - A user-defined name for the connection. The connection name is "Connection-Directory Service" by default, and you can rename it as you prefer.
- Host - The IP address of your Active Directory (AD) server, used as the host name.
- Port - The TCP/IP port on which the AD server is listening. Hire2Retire establishes the LDAP connection only with your SSL port. (The default port is 636.)
- Base DN - The group of objects that Hire2Retire will access within an AD network. An object can be a single user, a group of users, or a device such as a monitor. Each base DN carries a database of object identity information. Its format should be "DC=example-domain, DC=com".
- Username - A unique username for accessing the AD server. The username should belong to the "Domain Admin" security group and should have delegated control over the target Organizational Units (OUs).
- Password - The passphrase for accessing the AD server.
Figure 1. Hybrid Connection Set Up Page
Figure 2. Hybrid Connection Set Up Page for multi-domain controller
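A pre-flight check for the connection fields above, as an added example that is not part of Hire2Retire or RoboMQ's code: it validates the values against the formats this page gives and confirms that the SSL port completes a verified TLS handshake. The function names, the `cafile` parameter, and the sample host and account name are assumptions made for illustration.

```python
import socket
import ssl

LDAPS_PORT = 636  # default SSL port given on this page


def parse_base_dn(base_dn):
    """Split "DC=example-domain, DC=com" into [(attr, value), ...].

    Escaped commas are not handled; DC values are DNS labels and never contain them.
    """
    pairs = []
    for part in base_dn.split(","):
        attr, sep, value = (s.strip() for s in part.partition("="))
        if not (sep and attr and value):
            raise ValueError(f"malformed component {part.strip()!r}")
        pairs.append((attr.upper(), value))
    return pairs


def check_fields(host, port, base_dn, username):
    """Return a list of problems with the connection fields (empty when none)."""
    problems = []
    if not host.strip():
        problems.append("host is empty")
    if port != LDAPS_PORT:
        problems.append(f"port {port} is not the default SSL port {LDAPS_PORT}")
    try:
        if any(attr != "DC" for attr, _ in parse_base_dn(base_dn)):
            problems.append("base DN should look like DC=example-domain, DC=com")
    except ValueError as exc:
        problems.append(f"base DN: {exc}")
    if not username.strip():
        problems.append("username is empty")
    return problems


def probe_ldaps(host, port=LDAPS_PORT, cafile=None, timeout=5.0):
    """Complete a TLS handshake with certificate and host name verification.

    cafile: PEM bundle of the CA that issued the domain controller certificate
    (assumption: an internal CA absent from the system trust store).
    Raises ssl.SSLError or OSError on failure; returns the certificate expiry.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


if __name__ == "__main__":
    # Constructed sample values, not taken from any real environment.
    print(check_fields("10.0.0.5", 389, "example-domain.com", "svc-h2r"))
```

`probe_ldaps` fails closed: an untrusted issuer or a certificate that does not name the host raises an exception instead of returning a value.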