Home
Connecting to other systems
Learn how to connect ClearID to other systems.
Synchronizing identities using LDAP
Use the Genetec ClearID™ LDAP Synchronization Agent to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
About ClearID LDAP Synchronization Agent
The Genetec ClearID™ LDAP Synchronization Agent is a Windows application that is used to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes.

About ClearID
Learn about the ClearID self-service physical access management solution.
What's new
Check out what's new in the latest update to ClearID.
Deployment preparation
Check your compatibility and deployment requirements.
ClearID plugin
Learn how to download and install the plugin.
Managing identities and users
Learn how to manage identities and users.
Managing sites
Learn how to manage sites.
Managing areas
Learn how to manage areas.
Managing visitors
Learn how to manage visit requests and access requests.
Managing visitor watchlists
Learn how to manage visitor access using watchlists.
Role-based access control
Learn about role-based access control.
Connecting to other systems
Learn how to connect ClearID to other systems.
- Authenticating your connection
  Before you can connect with Genetec ClearID™ to synchronize data or issue API commands, you must first authenticate your applications (or API environment) so that your applications or API can communicate with ClearID.
- Setting up data synchronization
  Setting up data synchronization in Genetec ClearID™ involves learning some concepts, configuring the synchronization solution for your identity data, and the webhook integration options that are relevant for your organization.
- Synchronizing identities using an API
  Use the Genetec ClearID™ API to code your own solutions to automate various functions in ClearID. The primary use for the REST API is synchronizing identities, however many other scenarios are also possible.
- Synchronizing identities using the SCIM integration
  To synchronize external system attributes from a supported identity provider into Genetec ClearID™ identity attributes, you can use the System for Cross-domain Identity Management (SCIM) integration. These identity attributes can then be used in ClearID to assign people to roles and automate role-based access control.
- Synchronizing identities using One Identity
  Use the Genetec ClearID™ One Identity Synchronization Tool to synchronize external system attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
- Synchronizing identities using LDAP
  Use the Genetec ClearID™ LDAP Synchronization Agent to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
  - About ClearID LDAP Synchronization Agent
    The Genetec ClearID™ LDAP Synchronization Agent is a Windows application that is used to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes.
  - LDAP attributes to ClearID attribute mappings
    When you synchronize an Active Directory (AD) with Genetec ClearID™ using the ClearID LDAP Agent Configurator, Lightweight Directory Access Protocol (LDAP) attributes are mapped to ClearID identity attributes.
  - Configuring the ClearID LDAP Synchronization Agent
    Before you can synchronize an Active Directory (AD) with Genetec ClearID™, you must first configure the Genetec ClearID™ LDAP Synchronization Agent.
ClearID Self-Service Kiosk
Learn about the ClearID Self-Service Kiosk mobile app that simplifies visitor management and check-in.
Troubleshooting
Troubleshoot common issues that can occur.
Additional resources
Need tech support or product information? Check out these resources.
Glossary

About ClearID LDAP Synchronization Agent

2023-03-03

The Genetec ClearID™ LDAP Synchronization Agent is a Windows application that is used to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes.

ClearID LDAP Synchronization Agent showing configuration settings.

The ClearID LDAP Synchronization Agent application includes the following components:

Konfigurator (Genetec.ClearID.LdapSyncAgentConfiguration.exe) is the user interface component of the windows application that is used to configure the synchronization agent.
Genetec ClearID LDAP Synchronizer (Genetec.ClearID.LdapSyncAgent.Service.exe) is the Windows service component of the application that performs Active Directory LDAP attributes to Genetec ClearID™ identity attributes synchronization automatically in the background at intervals specified in the Synchronization Agent.

The ClearID LDAP Synchronization Agent application is intended for use by IT or security personnel responsible for Active Directory (AD) administration.

Synchronization

Identities in ClearID can come from a variety of data sources (Databases, HR, External Sources) and can be synchronized using various tools (Genetec ClearID™ LDAP Synchronization Agent, Genetec ClearID™ API, or Genetec ClearID™ One Identity Synchronization Tool).

The following information describes Active Directory LDAP synchronization:

Synchronization of LDAP attributes into ClearID identity attributes is INBOUND only.
CAUTION: Any changes only made to identities in ClearID can be overwritten by the next synchronization from the Active Directory.
Synchronization occurs automatically at the intervals specified in the ClearID LDAP Synchronization Agent.
- The whenChanged attribute indicates the last time that a synchronization occurred. This attribute is then used to query Active Directory users that have changed since the last synchronization so that only changed users are updated when the next synchronization occurs.
- The first time a synchronization occurs, all Active Directory user attributes are synchronized.
- The next time a synchronization occurs, only Active Directory user attributes that have changed since the last time the agent ran are synchronized.