LDAPCP

Introduction

LDAPCP Second Edition is a complete rewrite of LDAPCP (Classic), to replace it and bring major improvements in terms of reliability, administration and features. See the announcement to know more about the reasons for this new claims provider.

Use case

LDAPCP is useful when SharePoint is federated with ADFS (or a similar STS) using WS-Federation or OpenID Connect.
It runs inside SharePoint and queries your Active Directory and LDAP servers to find users and groups:

Image

It can be easily tested by deploying this ARM template in Azure: It creates a full SharePoint farm, configures federation with ADFS and installs LDAPCP.

Prerequisites

  • SharePoint Subscription Edition, SharePoint 2019 or SharePoint 2016.
  • .NET Framework 4.8 or newer on all SharePoint servers.

Features

  • Searches users and groups based on the people picker’s input.
  • Gets group membership of trusted users (augmentation).
  • Queries multiple AD / LDAP servers in parallel.
  • Populates the metadata (e.g. email, display name) of the entities.
  • Easy to configure through PowerShell or administration pages.
  • No dependency on any SharePoint service application.

Improvements over LDAPCP Classic

  • The SharePoint solution is now of type ApplicationServer, which both simplifies and improves the reliability of the install/update/remove operations.
  • Administration pages were redesigned to be more intuitive while offering more customization.
  • Supports using the SID attribute.
  • Gets the nested groups when doing augmentation using LDAP queries.
  • A ton of optimizations.
Last updated on March 19, 2024
Edit this page on GitHub
Next
Installation