LDAP Sync Setup

Owned by Knowledge Assistant
Oct 06, 2023
2 min read



Description of Issue

How to set up LDAP Sync for an On-Prem client 



Context

  • Munis LDAP

  • Active Directory

  • MunisUsers Group

  • Users



Cause

Site would like to set up LDAP for the first time



Resolution

  1. Log into the Munis application server with tylerservice or an administrator account

  2. Create a text file to store LDAP values in

  3. Open a command prompt, type set L and hit enter

    1. Record the LOGONSERVER value (minus the \\) into your text file

  4. Open File Explorer and navigate to <mundrv>:\TylerInstalls\TYLER_DEPLOYMENT_TOOLS

  5. Open ADExplorer.exe

    1. Can also be obtained from here https://live.sysinternals.com/ADExplorer.exe

  6. In the Connect to: field, enter the LOGONSERVER value you recorded, then click OK

  7. In the new window under the LOGONSEVER name, right click the top level domain, click Copy Object Name and paste into your text file

  8. Back in the AD Explorer, click Search > Search Container...

  9. Fill out the search fields as shown below

    1. Under the Class dropdown, select Container -- container

    2. Under the Attribute dropdown, select cn

    3. Under the Relation dropdown, select Contains

    4. In the Value field, enter munis

  10. Click Add, then click Search

  11. Double click the result for the munisusers group (or equivalent). This will expand the AD Explorer tree directly to that result.

  12. Close the Search Container window

  13. Right click the munisusers group, click Copy Object Name and paste into your text file

  14. Log into Munis with an account that has system administration permissions

  15. From the Munis menu, open LDAP Settings (System Administration > General Administration > LDAP Settings)

  16. Select the desired group of users to which the settings will apply (Ex: Users, Employees, etc)

  17. Click Update 

  18. Enter values as follows

    1. Name: Group name

      1. Ex: Users

    2. Description: Group description

      1. Ex: Users

    3. Check off Enabled

    4. If using SSL, check off Use SSL

    5. Host Address: LOGONSERVER value from step 3

    6. Port: LDAP port

      1. Not using SSL: Typically 389

      2. Using SSL: 636

    7. User: munisldap account entered as domain\munisldap

      1. Ex: TYLERTOWN\munisldap

    8. Password: munisldap password

      1. If this is wrong, you will receive an error when you tab out of this field

    9. Search DN: Top level domain value from step 6

      1. Ex: DC=corp,DC=tylertechnologies,DC=com

    10. Filter: Start by entering (memberOf

      1. Paste the munisusers group object name from step 12

      2. Close out filter with a parenthesis

      3. Ex: (memberOf=CN=MunisUsers,CN=Users,DC=corp,DC=tylertechnologies,DC=com)

  19. Click Accept to save



Additional Information