LogMeIn support sites no longer support Microsoft's Internet Explorer (IE) browser. Please use a supported browser to ensure all features perform as they should (Chrome / FireFox / Edge).

The GoTo support site no longer supports Safari 15. Please upgrade your browser to Safari 16 (or newer) or switch to a supported browser such as Google Chrome, Mozilla Firefox, or Microsoft Edge.

DEADLINE: Complete SMS registration immediately to avoid SMS service disruption! Starting December 1, 2024, United States carriers will block all unregistered SMS.

We are currently experiencing an unplanned outage for this product. View Service Status
  • Support
  • Products

    Explore support by product

    GoTo Connect

    All-in-one phone, meeting and messaging software

    GoTo Meeting

    Video and audio meeting software

    GoTo Webinar

    All-in-one webinar and virtual events software

    GoTo Room

    Conference room hardware

    GoTo Training

    Online training software

    OpenVoice

    Audio conferencing software

    Grasshopper

    Lightweight virtual phone system

    join.me

    Video conferencing software

    GoTo Resolve

    IT management & support

    GoTo Resolve MDM

    Mobile device management

    Pro

    Remote device access

    Central

    Remote monitoring & management

    Rescue

    Remote IT support

    GoToMyPC

    Remote desktop access

    GoToAssist

    Remote support software

    Hamachi

    Hosted VPN service

    RemotelyAnywhere

    On-prem remote access solution
  • Community
  • Trainings
  • Service Status

  • DEADLINE (December 1): SMS Registration

    Complete registration immediately to avoid SMS service disruption. Starting December 1, 2024, United States carriers will block all unregistered SMS.

    Get Ready for the Holidays

    Customize your phone system for the holidays. Whether you are taking some days off or just changing your open hours, we’ve got you covered!

    How do I prepare my phone system for a holiday?
  • Language selector icon Language selector icon
    • English
    • français
    • italiano
    • Deutsch
    • español
    • português
    • Nederlands
  • Contact Support
  • Service Status
  • User Avatar User Avatar
    • Support
    • Contact Support
    • Browse Products
    • Service Status
    • Community
    • Trainings
    • Sign in
    • User Avatar
    • My Account
    • Personal Info
    • Sign In & Security
    • My Cases
    • Billing Center
    • https://link.goto.com/myaccount-billing
    • My GoTo Connect
    • My Meetings
    • My Webinars
    • My Trainings
    • My Conferences
    • My Resolutions
    • My Mobile Devices
    • My Sessions
    • My Sessions
    • My Incidents
    • Sign out
  • Phones and meetings
  • Account and Billing
  • Explore Features
  • Phone System
  • Utilities
product logo
Back button image Back
Back button image
product logo

What are the corporate directory (LDAP) settings?

Below is a list of all the corporate directory settings and their descriptions.
Important: We're in the process of migrating all accounts to the new GoTo Admin. Choose your current admin experience for the applicable steps on this topic.

GoTo Admin

If you're an admin who signs in at https://admin.goto.com, these steps are for you.

Corporate directory (LDAP) settings
General
Setting Description
Name The name used to identify the directory in the admin portal.
Connection Settings
Setting Description
Host Host DNS name or IP address of the directory server. Devices must be able to resolve this address since the searches are executed directly from the phone to the directory server.
Port The default LDAP port is 389. It is unusual for this value to be different. LDAPS is not always supported. As a result, make sure to use a username with read-only access. If LDAPS is deployed, the correct port will need to be entered (usually 636).
Use TLS Enable this setting to use LDAP over Transport Layer Security (TLS). This is only supported on Polycom devices and where the LDAP server has a valid certificate.
Bind DN The distinguished name (DN) with which devices will bind (authenticate).
Bind Password Password required for the phone to authenticate as the given Bind DN.
Note: LDAPS is only supported on Polycom phones and only if an appropriate certificate (view the Certificate tab) is uploaded. Unless an appropriate certificate has been uploaded, the bind password will be sent in clear text across the network. If you do not have a valid certificate, it is highly recommended that the bind DN should be a read-only user. Certificates are only usable on Polycom devices. On all other manufacturers handsets, the bind password will ALWAYS be sent in clear text. Failure to use credentials with read-only access can lead to the directory service being compromised.
Search Settings
Setting Description
Search Base Directory location where searches will be based. We recommend using a narrow search base. The impact of the searches can be minimized by using a more specific search base. (e.g., "ou=Users,dc=example,dc=com" is better than "dc=example,dc=com").
Search Scope Depth of the search through the directory tree.
  • Subtree: Searches all entries in and below the location specified in the search base.
  • One Level: Only searches entries in the location specified in the search base and not any subdirectories.
Filter — Optional Filter added to all searches made by the devices against the directory server. We recommend using a narrow filter. Defining a filter like “(objectclass=person)” can significantly reduce search load in certain directory implementations.
Display Name Attribute Attribute used as the name in results returned to the device in searches. Used for Cisco/Linksys SPA devices. For Polycom SoundPoint IP devices, the results are displayed [Last Name Attribute], [First Name Attribute].
First Name Attribute Attribute that contains the first name in the directory. Devices will also filter against this attribute in searches.
Last Name Attribute Attribute that contains the last name in the directory. Devices will also filter against this attribute in searches.
Phone Number Attributes A comma separated list of phone number attributes in the directory. In the case of Cisco/Linksys SPA devices, the first listed phone number is the only number that the device can directly dial. The rest are only displayed for informational purposes.

Certificates

Only Polycom devices support the use of certificates to enable LDAP using TLS.

Instructions
Description
  • Add the certificate in the provided text field in base64 PEM format. Make sure to copy and paste the entire contents of the certificate file provided by your certificate authority within the header -----BEGIN CERTIFICATE----- and footer -----END CERTIFICATE-----. Multiple certificates can be entered as needed.
  • If your LDAP server is using a certificate signed by a certificate authority that is ‘trusted’ by Polycom, then no settings are needed on this page.
  • If you don’t have a certificate signed by a certificate authority that is trusted by Polycom, then you must provide the “public certificate” of the signing certificate authority. You will generally need to contact your certificate authority to obtain this.

PBX Administration (classic)

If you're an admin who signs in at https://my.jive.com/pbx, these steps are for you.

Corporate directory (LDAP) settings
General
Setting Description
Name The name used to identify the directory in the admin portal.
Connection Settings
Setting Description
Host Host DNS name or IP address of the directory server. Devices must be able to resolve this address since the searches are executed directly from the phone to the directory server.
Port The default LDAP port is 389. It is unusual for this value to be different. LDAPS is not always supported. As a result, make sure to use a username with read-only access. If LDAPS is deployed, the correct port will need to be entered (usually 636).
Use TLS Enable this setting to use LDAP over Transport Layer Security (TLS). This is only supported on Polycom devices and where the LDAP server has a valid certificate.
Bind DN The distinguished name (DN) with which devices will bind (authenticate).
Bind Password Password required for the phone to authenticate as the given Bind DN.
Note: LDAPS is only supported on Polycom phones and only if an appropriate certificate (view the Certificate tab) is uploaded. Unless an appropriate certificate has been uploaded, the bind password will be sent in clear text across the network. If you do not have a valid certificate, it is highly recommended that the bind DN should be a read-only user. Certificates are only usable on Polycom devices. On all other manufacturers handsets, the bind password will ALWAYS be sent in clear text. Failure to use credentials with read-only access can lead to the directory service being compromised.
Search Settings
Setting Description
Search Base Directory location where searches will be based. We recommend using a narrow search base. The impact of the searches can be minimized by using a more specific search base. (e.g., "ou=Users,dc=example,dc=com" is better than "dc=example,dc=com").
Search Scope Depth of the search through the directory tree.
  • Subtree: Searches all entries in and below the location specified in the search base.
  • One Level: Only searches entries in the location specified in the search base and not any subdirectories.
Filter — Optional Filter added to all searches made by the devices against the directory server. We recommend using a narrow filter. Defining a filter like “(objectclass=person)” can significantly reduce search load in certain directory implementations.
Display Name Attribute Attribute used as the name in results returned to the device in searches. Used for Cisco/Linksys SPA devices. For Polycom SoundPoint IP devices, the results are displayed [Last Name Attribute], [First Name Attribute].
First Name Attribute Attribute that contains the first name in the directory. Devices will also filter against this attribute in searches.
Last Name Attribute Attribute that contains the last name in the directory. Devices will also filter against this attribute in searches.
Phone Number Attributes A comma separated list of phone number attributes in the directory. In the case of Cisco/Linksys SPA devices, the first listed phone number is the only number that the device can directly dial. The rest are only displayed for informational purposes.

Certificates

Only Polycom devices support the use of certificates to enable LDAP using TLS.

Additional Certificate Authorities
Description
  • Add the certificate in the provided text field in base64 PEM format. Make sure to copy and paste the entire contents of the certificate file provided by your certificate authority within the header -----BEGIN CERTIFICATE----- and footer -----END CERTIFICATE-----. Multiple certificates can be entered as needed.
  • If your LDAP server is using a certificate signed by a certificate authority that is ‘trusted’ by Polycom, then no settings are needed on this page.
  • If you don’t have a certificate signed by a certificate authority that is trusted by Polycom, then you must provide the “public certificate” of the signing certificate authority. You will generally need to contact your certificate authority to obtain this.
Related Articles
  • How do I create a corporate directory (LDAP)?
  • How do I choose a corporate directory (LDAP) for a phone?
  • Create a dial by name directory
  • How do I search the default dial by name directory?
Article last updated: 16 May, 2023
You are viewing the latest version of this article.

Need help?

Contact icon Contact support
Community icon Ask the Community
Training icon Attend trainings
Video icon Watch videos
  • Language selector icon Language selector icon
    • English
    • français
    • italiano
    • Deutsch
    • español
    • português
    • Nederlands
  • About Us
  • Terms of Service
  • Privacy Policy
  • Trademark
  • Browse Products
  • Copyright © 2024 GoTo Group, Inc. All rights reserved

Collaboration Products

GoTo Connect

GoTo Meeting

GoTo Webinar

GoTo Training

join.me

Grasshopper

OpenVoice

Remote Solutions Products

GoTo Resolve

Rescue

GoToAssist

Access Products

Pro

Central

GoToMyPC