Dean Flaming

Tech Curmudgeons

Dean Flaming

These are my technical notes and blog postings on Identity, Mobility, and More...

VMware Workspace ONE UEM Directory Integration Examples

Introduction

Below are VMware Workspace ONE UEM Directory Integration examples for various directory types. Please note, always refer to VMware documentation as those are official. The below are examples for use as assistance in configuring your own environments.

WARNING: ALWAYS TEST IN NON-PRODUCTION ENVIRONMENTS - NEVER TEST IN PRODUCTION!

NOTES!

  • Only modified sections are listed below in the Users and Groups sections. Blank entries do not mean delete the corresponding UEM setting. Rather it means the default settings should be left alone.
  • If viewing in a browser, you may need to scroll right/left on the each of the charts or the whole web page depending on how your browser displays this page.
  • Anything in "[...]" would be replaced with your network values.

Common UEM Directory Service Configurations

Server Settings

Setting
AD - Directory
AD - Basic
OpenLDAP
Lotus Domino
Novell e-Directory
Oracle (ODSEE)
Directory Type
Active Directory
Active Directory
OpenLDAP
Lotus Domino
Novell e-Directory
Other LDAP
Server
[server_FQDN]
[server_FQDN]
[server_FQDN]
[server_IP]
[server_IP]
[server_FQDN]
Encryption Type
none
none
none
none
none
none
Port
389
389
389
389
389
1389
Protocol Version
3
3
3
3
3
3
Service Account Credentials
no
no
no
no
no
no
Authentication Type
NTLM
Basic
Basic
Basic
Basic
Basic
Username
[domain]\[username]
[domain]\[username]
cn=[container],dc=[domain],dc=[domain]
[username]
CN=[username],OU=[org_unit],OU=[org_unit],O=[org]
cn=[container]
Password
[password]
[password]
[password]
[password]
[password]
[password]
Domain
[domain]
[domain]
none
none
none
[domain]

User Settings

NOTE: Only modified sections are listed below. Blank entries do not mean delete the corresponding UEM setting. Rather it means the default settings should be left alone.
Setting
AD - Directory
AD - Basic
OpenLDAP
Lotus Domino
Novell e-Directory
Oracle (ODSEE)
Base DN
DC=[domain],DC=[domain],DC=[domain]
DC=[domain],DC=[domain]
dc=[domain],dc=[domain]
O=[Org]
O=[Org]
DC=[domain],DC=[domain]
User Object Class
User Search Filter
(&(objectCategory=person)(sAMAccountName={EnrollmentUser}))
(&(objectClass=person)(uid={EnrollmentUser}))
(&(objectClass=person)(uid={EnrollmentUser}))
(&(objectClass=person)(uid={EnrollmentUser}))
(&(objectClass=person)(cn={EnrollmentUser}))
Object Identifier
objectGUID
entryUUID
dominoUNID
GUID
nsuniqueid
Username
sAMAccountName
uid
uid
uid
cn
Member Of
memberOf
groupMembership
Full Name
Display Name
First Name
Middle Name
Last Name
Email Address
Email Username
Mobile Phone
Phone Number
Distinguished Name
User Principal Name
Department
Status
Lockout Time
Object Class
objectClass
objectClass
objectClass
objectClass
Last Modified
Binding Attribute

Group Settings

NOTE: Only modified sections are listed below. Blank entries do not mean delete the corresponding UEM setting. Rather it means the default settings should be left alone.
Setting
Active Directory (both)
Open LDAP
Lotus Domino
Novell e-Directory
Oracle (ODSEE)
Base DN
DC=[domain],DC=[domain],DC=[domain]
dc=[domain],dc=[domain]
O=[Org]
O=[Org]
Group Object Class
group
posixGroup
dominogroup
groupofuniquenames
Organizational Unit Object Class
Group Search Filter
(&(objectClass=posixGroup))
Group Attribute("Member")
Membership
Attribute
Relative Distinguished Name
Search
Members
Using
Object
Identifier
objectGUID
entryUUID
dominoUNID
GUID
nsuniqueid
Name
name
cn
cn
cn
cn
Member
member
Common
Name
cn
Member Of
memberOf
memberOf
groupmembership
Distinguished
Name
distinguishedName
Group Object Class
objectClass
objectClass
Organizational Unit
Organizational Unit Object Class

Thanks: Big thanks to VMware Engineering Austin Schoen and John Richards for providing this data.



Published by Dean Flaming on