Directory (AD/LDAP)

One identity with Active Directory / LDAP

Let your employees sign in to the guest portal and the 802.1X network with their corporate domain username and password — without defining a separate password. With on-premise deployment.

See On-Premise Setup

How it works

1. Enter server details

Enter your AD/LDAP server address, service account and search base from the panel.

2. Add the certificate (if needed)

If your server uses an internal or self-signed certificate for LDAPS, paste your CA certificate.

3. Test the connection

Validate the settings with a connection and sample-user test.

4. Enable

Employees start signing in with their domain account; optionally restrict login to a group.

Why Captivo Directory Login?

  • Active Directory and LDAP; verification via a two-step secure bind
  • LDAPS + encrypted connection with your own (internal or self-signed) CA certificate
  • Restrict login to a specific group (e.g. Staff)
  • Passwords are never stored in Captivo — verification happens directly against your own directory server
  • Both the guest portal and the 802.1X network use the same directory verification
  • No need to define a separate WiFi or network password

Frequently Asked Questions

Are passwords stored in Captivo?

No. The entered password is never stored or logged; verification happens directly against your own Active Directory / LDAP server.

I have an LDAPS server with an internal (self-signed) certificate — will it work?

Yes. Paste your CA or root certificate into the panel to establish an encrypted LDAPS connection.

Can I restrict login to specific employees?

Yes. Specify a group (e.g. Staff) to allow only that group's members to sign in.

Where is it used?

The same directory verification is used both in the guest WiFi portal and in 802.1X enterprise network login. It runs with an on-premise deployment.

One identity with a corporate account

Let employees sign in with their domain password — no separate password management.

See On-Premise Setup