Information Technology Services


Using Lightweight Directory Access Protocol (LDAP)

How do I use LDAP?

Before you begin using LDAP, there are a few restrictions/limitations that you need to be aware of.

  • Only Versions 2 & 3 of the LDAP protocol are accepted.
  • No write access is permitted. Our directory is read-only.
  • Data is only available on campus except for limited exceptions.

The data residing in our LDAP directory is sourced from Banner. Any changes to directory data need to be made in Banner for the changes to be reflected in the directory.

How do I connect to LDAP?

Connection Settings

The address for the UNCG LDAP directory is You must connect using SSL (ldaps) over port 636.
connection protocol: SSL (i.e. ldaps://)
base DN: ou=accounts,o=uncg

Invalid Credentials and Account Lockouts

Due to the architecture of the environment, the new LDAP Directory will not return a notification that an account has been locked after a user has entered invalid credentials multiple times. Even if a user enters valid credentials for a locked account, an invalid username or password error will be returned until the lockout expires.

How do I authenticate to LDAP?

To authenticate to LDAP, you need to provide the Distinguished Name (DN) for your LDAP account object and your LDAP password.

The DN will be in the form of "cn=username, ou=accounts, o=uncg".
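
The bind described above and the lockout behavior from the previous section, as an added example (not code from ITS or the Code Examples page). It assumes the third-party ldap3 package; LDAP_HOST is a placeholder because the directory address is not shown on this page, and the function names and message texts are illustrative.

```python
import ssl

BASE_DN = "ou=accounts,o=uncg"   # base DN given on this page
LDAP_HOST = "ldap.example.edu"   # placeholder: the page does not show the address
INVALID_CREDENTIALS = 49         # LDAP result code invalidCredentials (RFC 4511)


def escape_rdn_value(value):
    """Escape a string for use as an RDN attribute value (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\' or edge:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def bind_dn(username):
    """Build cn=<username>,ou=accounts,o=uncg without letting input alter the DN."""
    if not username.strip():
        raise ValueError("username is required")
    return f"cn={escape_rdn_value(username)},{BASE_DN}"


def failure_message(result_code):
    """Map a failed bind to user-facing text; code 49 also covers locked accounts."""
    if result_code == INVALID_CREDENTIALS:
        return "Invalid username or password, or the account is temporarily locked."
    return "Directory unavailable; try again later."


def authenticate(username, password, host=LDAP_HOST):
    """Simple bind over ldaps:// on port 636 with certificate validation."""
    if not password:
        # A simple bind with a DN and an empty password is an unauthenticated
        # bind (RFC 4513) that some servers report as success, so refuse it here.
        return False, failure_message(INVALID_CREDENTIALS)
    from ldap3 import Connection, Server, Tls  # third-party; imported on use
    server = Server(host, port=636, use_ssl=True, tls=Tls(validate=ssl.CERT_REQUIRED))
    conn = Connection(server, user=bind_dn(username), password=password)
    ok = conn.bind()
    code = conn.result["result"]
    conn.unbind()
    return (True, "ok") if ok else (False, failure_message(code))
```

Because the directory returns the same error for a wrong password and a locked account, the message for code 49 mentions both rather than telling the user to keep retrying.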

What programming languages can I use to interface with LDAP?

Most modern programming languages provide an interface for LDAP. On the Code Examples page you will find PHP, .NET, and Apache Directory Access code samples for interacting with LDAP.

Certificates for non-ITS managed servers

If your application runs on a server not managed by ITS, you may need to install the AddTrust External CA Root certificate in order to communicate with the new LDAP server.

Please visit the InCommon Cert Types page to download the needed certificates.