8.4
Hi all, would like to know is there any application type in SailPoint which is equivalent to Active Directory Lightweight Directory Services?
You can use LDAP connector
The answer is already provided but I would like to explain the main key differences between the Active Directory - Direct and LDAP connectors:
| Feature | Active Directory - Direct Connector | LDAP Connector |
|---|---|---|
| Target Directory | Specifically designed for Microsoft Active Directory | Generic; can connect to any LDAP-compliant directory, including AD |
| Protocol/Interface | Optimized for AD; historically uses ADSI/WinNT Provider | Standard LDAP Protocol (TCP/IP) |
| IQService Dependency | Often requires IQService for many operations (especially provisioning, advanced features) | Basic operations may not require IQService |
| AD Feature Support | Strong built-in support for AD-specific features (group nesting, OUs, GPOs, Exchange, trusts) | Less inherent support; may require more manual configuration or scripting |
| Configuration Complexity | Potentially simpler for AD-specific configurations within IIQ | Might require more explicit schema mapping and configuration for AD-specific attributes |
| Efficiency (Complex AD) | Potentially more efficient for complex AD environments | May be less efficient for leveraging advanced AD features |
| Platform Dependency | Often relies on Windows for IQService | More platform-agnostic for basic LDAP connectivity |
| Use Cases | Comprehensive AD management, leveraging rich AD features | Simpler AD management, avoiding IQService dependency, consistent approach for multiple LDAP directories |
