Microsoft AD

Active Directory (AD) is Microsoft's exclusive directory service, running on Windows, allowing admins to manage access and permissions to organizational network resources, on premises.


Connect to AD


Our Microsoft Active Directory (AD) integration uses a common Lightweight Directory Access Protocol (LDAP) based connector for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.

We use SCIM protocols to connect to your Active Directory instance using REST APIs.

Account in Active Directory

IDHub pulls all Active Directory user account information from your Active Directory instance through a specific Distinguished Name (DN) or multiple DNs.

User Account attribute we fetch includes (but not limited to):

  • samAccountName (As a unique identifier)
  • Common Name
  • First Name
  • Last Name
  • Display Name
  • Telephone Number
  • Email-Addresses
  • Department
  • Title
  • Employee Type

Our customers can choose to fetch any other attributes apart from the above as per their individual needs. With our Attribute based Access Control (ABAC), you can decide which information will be used on new user creation and which ones on user modifi

Entitlements in Active Directory

IDHub LDAP Connector pulls only 1 types of entitlement from Active Directory for provisioning and de-provisioning.

  • Directory Groups

Employees of your organization can request for Active Directory Groups as needed.

Active Directory Groups

As part of LDAP connector, we establish connection with Active Directory to fetch all directory groups. We can customize and target a Distinguished Name (DN) while fetching and add additional configurations:

  • Target specific DN to fetch and fetch only parent directory
  • Target specific DN to fetch and fetch parent and child directories
  • Target multiple DN and fetch all directories

All the above configurations will pull directory as ‘Entitlements’

Users will be able to request for directory access from IDHub.

Upon completion of approvals based on request workflow defined by you on a particular directory, the users will automatically get access to the requested directory by our automated fulfillment, thus automatically providing access to the child directories as per rules of Active Directory.

Support and Maintenance

IDHub provides out of the box connector issue support and timely maintenance as a standard quality guarantee for all of our customers having our Cloud solution. However, any customization made to existing connectors requires managed services support plan for support and maintenance. 

Feature Summary


Create User
Modify User
Create Groups (Entitlements)


Remove User
Remove Groups (Entitlements)


Fetch Users
Fetch Groups
Fetch User Assigned Groups

Additional Use Case

Sync to Azure AD
Sync to Okta
Powershell Scripting