During set-up and configuration (including testing of mappings)
- There is an a read-only admin bind to your directory to check status and read the available attributes for mapping
During user authentications
- There is an a read-only admin bind to your directory to discover the FQDN of the user based on whichever attribute you have defined as the userID
- Once the user's FQDN is known, it is used with the user's password to bind for authentication and request of any mapped attributes
All connections from us will come from specified IP addresses , available from our service desk(126.96.36.199 and 188.8.131.52). Any changes to these would be communicated in advance.
The admin credentials used MUST have sufficient access to search for accounts and read the FQDN of any user account (that should have access).
The admin credentials used SHOULD have sufficient access to read all mappable attributes for user accounts so that typeaheads work when setting up mappings and permission set rules.