Adding an LDAP account
These settings apply to supervised devices and devices operating in basic control mode.
To enable an iOS MDM device user to access corporate contacts on the LDAP server, add an LDAP account.
To add an LDAP account of an iOS MDM device user:
- In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
- In the policy properties window, select Application settings.
- Select iOS and go to the Device configuration section.
- On the LDAP card, click Settings.
The LDAP window opens.
- Enable the settings using the LDAP toggle switch.
- Click Add.
The Add LDAP account window opens.
- On the General settings tab, specify the following LDAP settings:
- In the Server section, specify the server settings:
- In the Description field, enter a description of the user's LDAP account. You can either enter a value or select a macro by clicking the button.
- In the Server address field, enter the name of the LDAP server domain.
- In the Authentication section, specify the user's credentials:
- In the Account name field, enter the account name for authorization on the LDAP server. You can either enter a value or select a macro by clicking the button.
- In the Password field, enter the password of the LDAP account for authorization on the LDAP server.
- To use the SSL (Secure Sockets Layer) data transport protocol to secure the transmission of messages, select the Use SSL connection check box.
- If necessary, in the Per App VPN section, configure Per App VPN.
- On the Search settings tab, compile a list of search queries for the iOS MDM device user to access corporate data on the LDAP server:
  a. Click the Add setting button to add a block of the search query settings.
  b. In the Name field, enter the name of a search query.
  c. In the Search scope drop-down list, select the nesting level of the folder for searching corporate data on the LDAP server:
    - Root folder of the LDAP server. Search in the base folder of the LDAP server.
    - First level subfolders. Search in folders in the first nesting level, counting from the base folder.
    - All subfolders. Search in folders in all nesting levels, counting from the base folder.
  d. In the Search base field, enter the path to the folder on the LDAP server where the search begins (for example: "ou=people", "o=example corp").
  e. Repeat steps a-d for all search queries that you want to add to the iOS MDM device.
- Click Add.
The new LDAP account appears in the list.
You can modify or delete LDAP accounts in the list using the Edit and Delete buttons at the top of the list.
- Click OK.
- Click Save to save the changes you have made.
Mobile device settings are changed after the next device synchronization with the iOS MDM Server.
As a result, once the policy is applied, the LDAP accounts from the compiled list are added to the user's mobile device. The user can access corporate contacts in the standard iOS apps: Contacts, Messages, and Mail.
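To check what these settings look like once they reach a device, the following added example (not Kaspersky code) audits the LDAP payload of an Apple configuration profile for the Use SSL connection option and the search query settings. It assumes the policy is delivered as a standard Apple `com.apple.ldap.account` payload, which this page does not state; the sample profile and host name are constructed.

```python
import plistlib

# Assumption: the policy reaches the device as an Apple configuration profile.
# Apple LDAP payload scope values mapped to the Search scope options on this page.
SCOPES = {
    "LDAPSearchSettingScopeBase": "Root folder of the LDAP server",
    "LDAPSearchSettingScopeOneLevel": "First level subfolders",
    "LDAPSearchSettingScopeSubtree": "All subfolders",
}

# Constructed sample profile (not exported from a real server).
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>PayloadContent</key><array>
 <dict>
  <key>PayloadType</key><string>com.apple.ldap.account</string>
  <key>LDAPAccountHostName</key><string>ldap.example.com</string>
  <key>LDAPAccountUseSSL</key><false/>
  <key>LDAPSearchSettings</key><array>
   <dict>
    <key>LDAPSearchSettingDescription</key><string>People</string>
    <key>LDAPSearchSettingSearchBase</key><string>ou=people,o=example corp</string>
    <key>LDAPSearchSettingScope</key><string>LDAPSearchSettingScopeSubtree</string>
   </dict>
  </array>
 </dict>
</array></dict></plist>"""

def audit_ldap_payloads(profile_bytes):
    """Return one finding string per issue in the profile's LDAP payloads."""
    findings = []
    for payload in plistlib.loads(profile_bytes).get("PayloadContent", []):
        if payload.get("PayloadType") != "com.apple.ldap.account":
            continue
        host = payload.get("LDAPAccountHostName", "<no host>")
        if payload.get("LDAPAccountUseSSL") is not True:
            findings.append(f"{host}: LDAPAccountUseSSL is not set to true")
        for query in payload.get("LDAPSearchSettings", []):
            scope = query.get("LDAPSearchSettingScope")
            name = query.get("LDAPSearchSettingDescription", "<unnamed>")
            if scope not in SCOPES:
                findings.append(f"{host}: query '{name}' has unknown scope {scope!r}")
            elif not query.get("LDAPSearchSettingSearchBase"):
                findings.append(f"{host}: query '{name}' ({SCOPES[scope]}) has no search base")
    return findings

if __name__ == "__main__":
    for line in audit_ldap_payloads(SAMPLE_PROFILE):
        print(line)
```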