We value your privacy

We use cookies to personalize your use of our site. This includes third-party cookies for that we use for advertising and site analytics. See our Privacy Statement and Cookie Policy for more information on how we collect and use data.

Cookie Options
OK
Knowledge Center

Import users and groups from an LDAP server

Last updated:Invalid date

Import users and groups from an LDAP server

C2 Identity supports importing users and groups from LDAP servers. You can generate a CSV file from your LDAP server using our export tool and then upload it to C2 Identity. Passwords for users can also be migrated.

Import from an LDAP server

  1. In the C2 Identity Admin Portal, go to the User page.
  2. Click Add > Import users/groups and select one of the following depending on your directory source:
    • From Synology LDAP Server: Choose this option if your directory service is run by LDAP Server.
    • From general LDAP server: Choose this option if your directory service is from a non-Synology LDAP server.
  3. Enter the following information and click Next:
    • LDAP local IP: The IP address or hostname of LDAP server.
    • Base DN: The starting point from which the LDAP server searches for user data.
    • Bind DN: The distinguished name of a root account.
    • Bind DN password: The password of the Bind DN account.
  4. Select the export tool based on the OS of your computer and click Download 2.png.
  5. Place the export tool to your desired location. If you are using a Mac, open the .dmg file and drag out the export tool.
  6. In PowerShell (Windows) or Terminal (macOS/Linux), enter the path of export tool and run the command provided in the Import users/groups from LDAP server window. The tool will generate a CSV file in the folder where the tool is saved. If you wish to edit the CSV, see the next section for more information.
  7. Go back to the C2 Identity Admin Portal and click Browse 2.png to upload the CSV file.
  8. Tick the following options based on your needs:
    • Overwrite duplicate users and groups if you wish to update the existing users/groups with their duplicates in the CSV.
    • Assign C2 Identity licenses to imported users: Tick this option to assign C2 Identity licenses to users, so that the users can be assigned to devices and on-prem/cloud services. The number of available licenses depends on your C2 Identity plan.
  9. Click Import. The users and groups in the CSV file will be imported to C2 Identity. To learn how to activate the imported users, refer to this article.

Imported users do not have NTLM hashes, which are required to support certain legacy protocols (e.g., SMB). For C2 Identity to automatically generate NTLM hashes for users, a password reset needs to be performed when deploying edge servers. To learn more about setting up an edge server, please refer to this article.

About CSV format

For details about common rules and available attributes in CSV files, please refer to this article. The following lists only the information related to CSV exported from LDAP servers.

  • The attribute "HashPassword" stands for a user's password exported from an LDAP server using C2 Identity's export tool.
  • If you wish to update a user's password manually, please enter a new password under "PlainPassword". If a user has both "PlainPassword" and "HashPassword" values, C2 Identity will only identify "PlainPassword" as the user's password.

Further reading

Import from an LDAP server
About CSV format
Further reading