General settings
To configure the LDAP connection, go to the Connection tab in Administration > Workspace > Settings > LDAP, and set the following parameters:
Enable: Turn LDAP authentication on or off.
Server Type: Select the type of server you’re connecting to (e.g., Active Directory).
Host: Enter the LDAP host or domain. Example: ldap.example.com or 10.0.0.30.
Port: Specify the LDAP connection port. Default values: 389 (LDAP) or 636 (LDAPS).
Reconnect: Automatically attempt to reconnect if the connection is interrupted.
Login Fallback: Allow users to log in with their local Rocket.Chat account if the LDAP server is unavailable.
For sample values of the different settings, see the LDAP Setup Example guide.
Authentication
Configure the following settings to allow Rocket.Chat to authenticate users via LDAP:
Enable: Turn LDAP authentication on or off.
User DN: Enter the distinguished name (DN) of the LDAP user that performs lookups to authenticate others. This is typically a service account created specifically for integrations. Example:
cn=Administrator,cn=Users,dc=Example,dc=com
Password: Enter the password for the User DN account.
Encryption
Configure the encryption settings used for communications with the LDAP server:
Encryption: Select the method to secure communication:
plain – No encryption
SSL/LDAPS – Encrypted from the start
StartTLS – Upgrade to encrypted communication after connecting
CA Cert: Enter the CA certificate for signing.
Reject Unauthorized: Disable this option to allow unverified certificates (required for self-signed certificates).
Timeouts
Define how long Rocket.Chat waits before timing out LDAP operations:
Timeout (ms): Time to wait for a search result before returning an error.
Connection Timeout (ms): Maximum time before an LDAP connection attempt fails.
Idle Timeout (ms): Time to wait after the last LDAP operation before closing the connection. Each new operation starts a new connection.
After configuring, click Save changes. To verify your connection, click Test Connection. If successful, you’ll see the message: LDAP Connection Successful.
With LDAP connection settings complete, proceed to configure User Search and Data Sync options for better user authentication and management.
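A review of the connection values before they are saved, written as an added example (not Rocket.Chat code): the function flags the combinations of the settings on this page that weaken the link to the directory. The field names and the svc-rocketchat account are assumptions made for illustration, not Rocket.Chat setting IDs.

```javascript
// Added example. Field names are hypothetical labels for the settings on this
// page; they are not Rocket.Chat setting IDs.
const ENCRYPTION_MODES = ['plain', 'SSL/LDAPS', 'StartTLS'];

function auditLdapConnection(cfg) {
  const findings = [];
  const add = (id, detail) => findings.push({ id, detail });

  if (!ENCRYPTION_MODES.includes(cfg.encryption)) {
    add('unknown-encryption', `unrecognised Encryption value: ${cfg.encryption}`);
    return findings;
  }
  const encrypted = cfg.encryption !== 'plain';

  // A simple bind over an unencrypted connection exposes the User DN password
  // and every user's login password to anyone on the network path.
  if (!encrypted) add('cleartext-bind', 'Encryption is plain: bind passwords are sent unencrypted');

  // With verification off the channel is encrypted, but the server's identity
  // is never checked.
  if (encrypted && cfg.rejectUnauthorized === false) {
    add('cert-not-verified', 'Reject Unauthorized is disabled: any certificate is accepted');
  }

  // Page defaults: 389 for LDAP (plain or StartTLS), 636 for LDAPS.
  const wrongPort = cfg.encryption === 'SSL/LDAPS' ? 389 : 636;
  if (cfg.port === wrongPort) {
    add('port-mismatch', `port ${cfg.port} is the default for the other transport, not ${cfg.encryption}`);
  }

  // The lookup account is meant to be a dedicated service account.
  if (/^cn=administrator,/i.test(cfg.userDN || '')) {
    add('admin-bind-account', 'User DN is the Administrator account; use a dedicated lookup account');
  }
  return findings;
}

// Constructed sample values: a weak configuration, then a corrected one.
const weak = { host: 'ldap.example.com', port: 636, encryption: 'plain',
  rejectUnauthorized: false, userDN: 'cn=Administrator,cn=Users,dc=Example,dc=com' };
const hardened = { host: 'ldap.example.com', port: 636, encryption: 'SSL/LDAPS',
  rejectUnauthorized: true, caCert: '<PEM of the issuing CA>',
  userDN: 'cn=svc-rocketchat,cn=Users,dc=Example,dc=com' };

console.log(auditLdapConnection(weak).map((f) => f.id));
console.log(auditLdapConnection(hardened).map((f) => f.id));
```

Non-default ports are not flagged, since a directory may legitimately listen elsewhere; only the two page defaults used with the opposite transport are reported.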