Integrate Yeastar Workplace with Active Directory

This topic describes how to integrate Yeastar Workplace with Active Directory (AD) using Lightweight Directory Access Protocol (LDAP).


  • Operating System: Windows Server 2008 / 2008 R2 / 2012 / 2012 R2 / 2016 / 2019 / 2022

  • Yeastar Workplace Plan: Pro Plan

Network Scenario

This topic describes how to integrate Yeastar Workplace and Active Directory from different networks. For example, you are using the SaaS version of Yeastar Workplace and the Active Directory is on-premise deployed. In this case, you need to configure port forwarding on the network where the Active Directory locates to ensure Yeastar Workplace can communicate with your Active Directory (AD) via LDAP protocol.

We provide a diagram to help you understand the integration in a better manner:

Note: For on-premise deployment versions of Yeastar Workplace that are deployed in the same network as the Active Directory, see Integrate Yeastar Workplace with Active Directory.


Configure your network
  • Make sure that Yeastar Workplace can access the Active Directory.
  • Forward the following port(s) as needed on the router to pass LDAP(S) requests from Yeastar Workplace to Active Directory.
    • TCP/UDP 389 for LDAP
    • TCP/UDP 636 for LDAPS (Recommended)

    Note: For Windows Server 2016 and above, Active Directory Certificate Services (AD CS) is required when using LDAPS protocol. For more information, see Enable LDAP over SSL with a third-party certification authority.
Gather the following information from Active Directory
  • The Distinguished Name (DN) of the directory node where you want the data to be synced to Yeastar Workplace. The directory node will be used as the root for LDAP query, you can sync the desired AD users, groups, or organizational units in this directory to Yeastar Workplace.

    For example, if you want to sync data in OU2 to Yeastar Workplace, then collect the DN of OU2.

    Note: How to check the Distinguished Name of the desired directory node?
    1. In the Active Directory Users and Computers page, click View and select Advanced Features.

    2. Right click the desired directory node, and check the DN on Properties > Attribute Editor > distinguishedName.
  • The logon name and password of an Active Directory domain account that has read access to the desired directory.
    Note: Right click the desired account, and check the logon name on Properties > Account > User logon name.


  1. Log in to Yeastar Workplace admin portal, and go to Integration.
  2. In the Directory Sync section, click Connect beside Active Directory (AD).

  3. In the Connect to Server section, fill in the following information.
    Setting Description
    Host Enter the public IP address of the Active Directory.

    Specify the communication protocol.

    • LDAP: Unencrypted LDAP communication.
    • LDAPS: Encrypted LDAP communication with SSL.
    Port Enter the mapped port, which is used to pass LDAP(S) request from Yeastar Workplace to Active Directory.
    Base DN Enter the distinguished name of the base entry as the root for LDAP query in Active Directory.
  4. In the Account Verification section, enter the credential of an AD domain account.

    • User Name: Enter the logon name of an AD domain account.

    • Password: Enter the password associated with the user name.

  5. Click OK.


The Integration page displays Connected, indicating that Yeastar Workplace is successfully connected to Active Directory.

The details of the connection are also displayed on this page.

What to do next

Set up synchronization rules to synchronize the desired AD users, organizational units, and groups to Yeastar Workplace. For more information, see Synchronize AD Users/OUs/Groups to Yeastar Workplace.