This article provides step-by-step instructions how to enable and configure Directory Synchronization on PGP Universal Server 3.0.

---

Directory Synchronization allows you to assign different user polices to specific internal user groups.

With Directory Synchronization for a PGP Universal Server, internal users for that PGP Universal Server can come only from the directory you specify when you enable Directory Synchronization.

If users are in the directory, they are added to the system as internal users. If users are not in that directory, their disks, messaging, or files are not protected by the PGP Universal Server.

PGP Universal Server supports LDAPv2, LDAPv3, and LDAPS. You can use any of a number of directories with PGP Universal Server, although directories that more closely conform to the OpenLDAP or X.500 standards work best.

Enable LDAP Directory Synchronization

1. Login to the PGP Universal Server administrative interface.
2. Click the Consumers then select Directory Synchronization.
3. Click Enable.
4. Below LDAP Directories, click Add LDAP Directory.
5. Type a Name and select a Type of LDAP directory.

The LDAP directory types include:

• Active Directory
• OPenLDAP (RFC 1274)

6. Type an appropriate value in the Bind DN field. This value is used to initially bind (or log in) to the directory server. Binding determines the permission granted for the duration of a connection.
7. Enter a Passphrase for the user value.
8. Enter a Hostname for your LDAP server.
9. Enter a Port for your LDAP server. By default the LDAP port is 389.
   
   

   Note: Click the Test Connection button to verify you can successfully connect to the LDAP server.

   
   
10. Base Distinguished Names - Enter or browse for a Base DN for your domain.
11. Consumer Matching Rules - PGP Universal can match a consumer's enrollment username to this LDAP Directory using a regular expression.
12. Click Save.