Back to top

Register a single AD/LDAP user account

Last updated January 22nd, 2024

To register a single AD/LDAP user account, complete the following steps:


Before registering AD/LDAP user accounts, you must connect AD/LDAP directory services with Knox Manage and add a sync service. For more information about adding a sync service, see Connect to AD/LDAP.

  1. Navigate to User.

  2. On the User page, click Add via AD/LDAP.

  3. In the Select AD/LDAP Sync Type window, select Single User Sync, and then click OK.

  4. On the Add User page, enter the AD/LDAP user information:

    • Sync target — Click Select to open the Select Sync Target window, select a sync service, and then search for users by user name. Select a user to add, and then click OK.

    • User ID — The ID of the user that you selected as Sync target will appear here.

    • DN — The unique Distinguished Name of the AD/LDAP object will be entered automatically.

    • Password — Enter a password between 8 and 30 characters.

      Click the check box next to Reset after Sign-in to allow users to change their password when they first signed in.

    • Confirm Password — Repeat the password.

    • User Name — Enter the user’s full name.

    • Email — Enter the user’s email address.

    • Mobile Number — Select the country number and enter the user’s mobile number to send the URL address for device enrollment via SMS.

    • User Group / Organization — Click Select, and in the Select User Group/Organization window, select the user group on the User Group tab and the organization on the Organization tab.


      If you do not select an organization, the user will automatically belong to the Default organization.

    • License — Select the license type to be used for this user — Knox Suite or Knox Manage. Select Knox Suite if you have a Knox Suite license and you want to use the same license to enroll this user’s device to other Knox services included in Knox Suite.


      With a Knox Suite license, only one license seat is consumed by each device (IMEI) regardless of how many Knox services (in Knox Suite) that device is enrolled in.

    • Android Manage Type — Select the Android enrollment type among Android Legacy, Android Enterprise, or Follow Organization’s Type.


      The user’s Android manage type takes a higher priority than the organization’s Android manage type. Even if you move the user to a different organization, the Android enrollment type set for the users still applies to the users.

    • AD/LDAP Sync — Allow the creating of user accounts from the AD/LDAP system. If AD/LDAP Sync is selected, the existing user information will be synchronized from the AD/LDAP system and registered to the Admin Portal.

    • Tag — Click Add, and in the Add Tag window, enter new tags to add.

    • You can also enter additional information such as employee number, display name, and department in the Additional Information area.

  5. Click Save & Request Enrollment to save the user information and enroll the user at the same time.

    Or click Save to only save the user information.

Is this page helpful?