Key Concepts » Enterprise Directories
Directory Integrations with Conjur Enterprise
Conjur Enterprise integrates with your existing Active Directory or LDAP installation.
- LDAP Sync synchronizes users and groups from AD/LDAP into Conjur. Running an initial sync on a subset of users is often the first step to getting Conjur up and running. LDAP Sync is often run on a schedule to keep Conjur up to date.
- LDAP Authenticator is a Conjur server-side plugin that calls out to an external AD/LDAP service to bind. This means that your can use your existing user management system for authentication, while Conjur handles authorization.
If you have an existing AD/LDAP service you can use either, or both, tools to make user management easier.
Conjur also provides an LDAPS interface which you can use to search, authenticate, and authorize users.
Conjur SSH uses this interface to provide agentless dynamic access management.
Read more about Conjur LDAPS here.