To configure the LDAP connection, go to Manage → Workspace → Settings → LDAP → Connection.
General settings
| Setting | Description |
|---|---|
| Enable | Turn LDAP authentication on or off. |
| Server Type | Select the type of server you’re connecting to (for example, Active Directory). |
| Host | Enter the LDAP host or domain. Example: |
| Port | Specify the LDAP connection port. Default values: |
| Reconnect | Automatically attempt to reconnect if the connection is interrupted. |
| Login Fallback | Allow users to log in with their local Rocket.Chat account if the LDAP server is unavailable. |
For sample values of the different settings, see the LDAP Setup Example guide.
Authentication
Configure the following settings to allow Rocket.Chat to authenticate users via LDAP.
| Setting | Description |
|---|---|
| Enable | Turn LDAP authentication on or off. |
| User DN | Enter the distinguished name (DN) of the LDAP user that performs lookups to authenticate other users. This is typically a service account. Example: |
| Password | Enter the password for the User DN account. |
Encryption
Configure the encryption settings used for communication with the LDAP server.
| Setting | Description |
|---|---|
| Encryption | Select the method to secure communication: • |
| CA Cert | Enter the CA certificate for signing. |
| Reject Unauthorized | Disable this option to allow unverified certificates (required for self-signed certificates). |
Timeouts
Define how long Rocket.Chat waits before timing out LDAP operations.
| Setting | Description |
|---|---|
| Timeout (ms) | Time to wait for a search result before returning an error. |
| Connection Timeout (ms) | Maximum time before an LDAP connection attempt fails. |
| Idle Timeout (ms) | Time to wait after the last LDAP operation before closing the connection. Each new operation starts a new connection. |
After configuration
Click Save changes.
Click Test Connection.
If successful, the message LDAP Connection Successful is displayed.
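A successful connection test does not show whether the link is encrypted or whether the server certificate was verified. The following added example (not Rocket.Chat code) reviews a set of connection settings for the weak combinations described in the tables above; the object keys, the encryption values `none` and `ssl`, and all sample values are assumptions made for the illustration.

```javascript
// Added example. Keys follow the setting labels on this page; the object shape
// and the encryption values 'none' and 'ssl' are assumptions for illustration.
const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;
const TIMEOUTS = { timeout: 'Timeout (ms)', connectionTimeout: 'Connection Timeout (ms)' };

function auditLdapConnection(s) {
  const findings = [];
  const add = (severity, setting, message) => findings.push({ severity, setting, message });
  if (!s.enable) return findings; // LDAP authentication is off, nothing to review

  const port = Number(s.port);
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    add('medium', 'Port', 'not a valid TCP port');
  }
  if (!s.encryption || s.encryption === 'none') {
    add('high', 'Encryption', 'User DN password and user logins are sent unencrypted');
  } else {
    const certs = (s.caCert || '').match(PEM_CERT) || [];
    if (s.caCert && certs.length === 0) {
      add('medium', 'CA Cert', 'value contains no PEM certificate block');
    }
    if (s.rejectUnauthorized === false) {
      add('high', 'Reject Unauthorized', certs.length > 0
        ? 'server certificate is not verified although a CA Cert is configured'
        : 'server certificate is not verified');
    }
  }
  if (s.userDn && !s.password) add('medium', 'Password', 'User DN is set without a password');
  if (s.loginFallback) {
    add('info', 'Login Fallback', 'local passwords are accepted when LDAP is unavailable');
  }
  for (const [key, label] of Object.entries(TIMEOUTS)) {
    if (!(Number(s[key]) > 0)) add('low', label, 'must be a positive number of milliseconds');
  }
  return findings;
}

// Constructed sample values; example.test names and the PEM body are placeholders.
const weak = { enable: true, host: 'ldap.example.test', port: 636, encryption: 'ssl',
  caCert: '', rejectUnauthorized: false, userDn: 'cn=svc,dc=example,dc=test',
  password: 'constructed', loginFallback: true, timeout: 60000, connectionTimeout: 1000 };
const samplePem = '-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----';
const hardened = { ...weak, caCert: samplePem, rejectUnauthorized: true, loginFallback: false };

for (const f of auditLdapConnection(weak)) console.log(`${f.severity}: ${f.setting}: ${f.message}`);
console.log('hardened findings:', auditLdapConnection(hardened).length);
```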