LDAP Integration

This article describes how you can manage your GoldPhish learners through integration with your company’s LDAP server.


GoldPhish can integrate with most LDAP directories and the following schema configurations:


  • Active Directory
  • OpenLDAP
  • FreeIPA

Step 1: Configure in GoldPhish


1. To get started, navigate to the 'Users' section, click the 'Add Users' button in the top right corner and select 'Sync Users'.

2. You will be taken to the 'Settings' > 'User Sync' section. Click the 'Setup LDAP' option.

3. Select your sync Schedule Type (when do you want syncing to take place):


  • Manual: Not scheduled, instead sync on demand. 
  • Daily: Choose the time at which syncing will automatically occur daily. 
  • Weekly: Choose the day and time for weekly syncing.

4. Add your Host address. This can be either a domain or an IP address. For example: "ldap.example.com". 


5. Add your Port number. If you're using SSL ("LDAPS") for encryption, please use port "636".

6. Add your LDAP Username. This is likely to be an administrative email address, but could also be the Relative Distinguished Name of your admin user. For example, "admin@example.com" or "CN=admin,DC=example,DC=com", depending on your server configuration.

7. Add your LDAP user's password into the Password field. The password field will clear upon accepting the password, and the field name will change to "New password" to indicate that a password is already saved.

8. Add your Base DN. The "Base DN" is the point from which our platform will begin its search for users inside your directory. For example, "DC=example,DC=com" could look for users inside your root directory and "OU=GoldPhish,DC=example,DC=com" could look for users inside an Organisational Unit called "GoldPhish" inside your root directory.

  • DC = Domain Component
  • OU = Organisational Unit

9. Click 'Save' to progress to the Sync Summary and Review step.


Step 2: Sync Summary & Sync Review


1. Once on the Config Summary page, double-check that your Sync config settings are correct.

2. Select the 'Test Connection' button to confirm settings are correct. A confirmation message will appear if the connection is successful. 


3. Select the 'Preview Sync' button.  


4. The Preview Sync dashboard will give you a preview of what actions will take place on the GoldPhish platform once the User Sync is activated. Users will be allocated one of four statuses:


  • New Learners: Learners that don't currently exist on the GoldPhish platform but appear in your Active Directory. They will be imported into GoldPhish when the next sync runs.
  • Deleted Learners: Learners that currently exist on the GoldPhish platform but don't appear in your Active Directory. They will be removed from GoldPhish when the next sync runs.
  • Existing Learners: Learners that currently exist on the GoldPhish platform AND in your Active Directory. They will remain unchanged on GoldPhish when the next sync runs.
  • Manager: The designated company Manager will remain unchanged by User Sync. 

5. Select the 'Run User Sync' button in the top right corner. This will manually run your first sync, and it will activate any scheduled syncing to occur in future. 
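
To see how the Base DN chosen in Step 1 changes what Preview Sync reports, the following added Python example (not GoldPhish code) sorts a constructed directory listing into the statuses above. It assumes learners are matched by email address, which this article does not state; all function names and sample data are hypothetical.

```python
# Added illustration, not GoldPhish code. Names and sample data are constructed.
def split_rdns(dn):
    """Split a DN into lower-cased (type, value) pairs, honouring backslash-escaped commas."""
    parts, cur, esc = [], [], False
    for ch in dn:
        if esc:
            cur.append(ch)
            esc = False
        elif ch == "\\":
            cur.append(ch)
            esc = True
        elif ch == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return [tuple(s.strip().lower() for s in p.split("=", 1)) for p in parts]

def in_scope(entry_dn, base_dn):
    """True when entry_dn is at or below base_dn (suffix match on whole RDNs)."""
    entry, base = split_rdns(entry_dn), split_rdns(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def preview_sync(directory, platform, manager, base_dn):
    """directory: {dn: email}; platform: emails already on the platform (assumed match key)."""
    mgr = manager.lower()
    found = {m.lower() for dn, m in directory.items() if in_scope(dn, base_dn)} - {mgr}
    current = {m.lower() for m in platform} - {mgr}
    return {
        "new": sorted(found - current),          # in directory scope, not yet on platform
        "deleted": sorted(current - found),      # on platform, outside directory scope
        "existing": sorted(found & current),     # present in both
        "manager": [mgr],                        # never changed by the sync
    }

# Constructed sample data
DIRECTORY = {
    "CN=Ann Lee,OU=GoldPhish,DC=example,DC=com": "ann@example.com",
    "CN=Smith\\, Bob,OU=GoldPhish,DC=example,DC=com": "bob@example.com",
    "CN=Cy Orr,OU=Finance,DC=example,DC=com": "cy@example.com",
    "CN=svc,OU=GoldPhish,DC=example,DC=org": "svc@example.org",
}
PLATFORM = {"ann@example.com", "cy@example.com", "boss@example.com"}
MANAGER = "boss@example.com"

if __name__ == "__main__":
    for base in ("DC=example,DC=com", "OU=GoldPhish,DC=example,DC=com"):
        print(base, preview_sync(DIRECTORY, PLATFORM, MANAGER, base))
```

In this sample, narrowing the Base DN from the root to the "GoldPhish" OU moves cy@example.com from Existing to Deleted, which is why the Deleted Learners list in Preview Sync is worth reviewing before the first run.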


Whitelisting for Firewalls


Often, organisations will need to "whitelist" our LDAP communications on their organisation's firewall.

Please whitelist the IP address 77.68.84.212 to communicate over LDAP on the port (636) on which you are trying to connect.
