This article provides step-by-step instructions on how to enable and configure Directory Synchronization on Symantec Encryption Management Server (previously PGP Universal Server).
Directory Synchronization allows you to assign different user policies to specific internal user groups. When using Directory Synchronization, Internal Users come only from the directory you specify when you enable Directory Synchronization. During enrollment, if a user exists in the directory, that user is added to the system as an internal user and placed in the corresponding policy for their user account.
Symantec Encryption Management Server (SEMS) supports LDAPv2, LDAPv3, and LDAPS. You can use any of a number of directories with Symantec Encryption Management Server, although directories that more closely conform to the OpenLDAP or X.500 standards work best.
TIP: Symantec recommends using LDAPS for secure LDAP connectivity. When using LDAP, the IP address of the domain controller is allowed. When using LDAPS, however, ensure you use the FQDN of the domain controller (DC), or the connections will fail. See article https://knowledge.broadcom.com/external/article/197991 for more information.
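A pre-flight check for the TIP above, as an added example that is not part of the original article or of Symantec's code: it tests whether the server name you plan to enter would match the names in the domain controller's certificate, on the assumption that the LDAPS failure comes from TLS name matching against the certificate's subjectAltName. The SAN entries, host names and the function `check_ldaps_host` are constructed for illustration.

```python
import ipaddress

# Constructed sample: subjectAltName entries in the shape that Python's
# ssl.SSLSocket.getpeercert() returns them. Host names are hypothetical.
SAMPLE_DC_SAN = (("DNS", "dc01.corp.example.com"), ("DNS", "*.corp.example.com"))

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def _dns_match(pattern, host):
    """Case-insensitive match; '*' is honoured only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse over-broad wildcards such as '*.com'.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_ldaps_host(host, san):
    """Return (ok, reason) for using `host` as the LDAPS server name."""
    if _is_ip(host):
        # An IP only validates if the certificate carries it as an IP SAN.
        ips = {ipaddress.ip_address(v.strip()) for t, v in san if t == "IP Address"}
        if ipaddress.ip_address(host) in ips:
            return True, "IP address is listed in the certificate"
        return False, "IP address not in certificate SAN; use the DC's FQDN"
    if "." not in host.rstrip("."):
        return False, "short name, not an FQDN"
    for t, v in san:
        if t == "DNS" and _dns_match(v, host):
            return True, "matches SAN entry " + v
    return False, "FQDN does not match any DNS SAN entry"

if __name__ == "__main__":
    for candidate in ("dc01.corp.example.com", "10.0.0.5", "dc01"):
        print(candidate, check_ldaps_host(candidate, SAMPLE_DC_SAN))
```

Against a live server, the `san` argument can be taken from the `subjectAltName` field of `getpeercert()` on a verified `ssl` connection to the LDAPS port.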
Enable LDAP Directory Synchronization
The LDAP directory types include: