Active Directory (AD)/Lightweight Directory Access Protocol (LDAP) authentication is used to integrate user and admin accounts of AirWatch with existing corporate accounts.
- End users now authenticate with existing corporate credentials.
- Secure method of integrating with LDAP / AD.
- Standard integration practice.
- Can be used for Workspace ONE Direct Enrollment.
- Requires an AD or other LDAP server.
- Device connects to AirWatch MDM to enroll device. User enters their directory services user name and password.
- User name and password are encrypted during transport.
- AirWatch does not store the user's directory services password.
- AirWatch queries the client's directory services through a secure LDAP protocol over the Internet using a service account for authentication.
- The user's credentials are validated against the corporate directory service.
- If the user credentials are valid, the AirWatch server allows the device to complete a device enrollment.
For more information, see Workspace ONE Direct Enrollment.