TSF – Comprehensive IT solutions for SMB businesses | HCM

P4 - Configure LDAP SnipeIT on Windows (Full Guide)

🚀 SnipeIT – P4 Configure SnipeIT with Active Directory LDAP on Windows (Full Guide)

Integrating Snipe-IT with Active Directory (LDAP) is one of the most important steps when deploying Snipe-IT in a corporate environment. LDAP integration allows centralized authentication, enabling domain users to log in using their Active Directory credentials instead of creating local accounts manually.

In this complete step-by-step guide, you will learn how to configure Snipe-IT LDAP with Active Directory on Windows, including domain preparation, DNS configuration, LDAP bind user setup, and proper LDAP query configuration.

This tutorial is designed for IT Administrators, System Engineers, and IT Support teams who want seamless AD authentication for Snipe-IT in an enterprise environment.


🧪 Lab Environment

Before starting, here is the lab setup used in this guide:

 
Domain Controller (DC): 192.168.16.186
Domain: tsf.local
Snipe-IT Server: 192.168.16.134

Ensure network connectivity between the Snipe-IT server and the Domain Controller before proceeding.


⚙️ SnipeIT Windows Configuration


🔄 Step 1: Setup Auto Start Service

First, ensure your Snipe-IT environment (Apache + MySQL via XAMPP) is configured to start automatically with Windows.

This ensures:

✔ No manual startup required
✔ Continuous service availability
✔ Stable authentication integration

Enable Apache and MySQL services in XAMPP Control Panel if not already configured.


🏢 Step 2: Join Domain Using LDAP Configuration

Now we configure Snipe-IT to authenticate against Active Directory via LDAP.


🔐 #1: Create LDAP Service Account

On your Domain Controller, create a dedicated LDAP bind user:

 
Username: snipe
Password: Abc@1234

Snipe-IT uses this account to bind to Active Directory and query user objects.

Best practice:

  • Do not use a Domain Admin account

  • Assign only minimal read permissions


🌐 #2: Set DNS to Domain Controller

On the Snipe-IT Windows server:

  • Configure DNS to point to the Domain Controller IP:

 
192.168.16.186

This ensures proper domain resolution for tsf.local.

Without correct DNS configuration, the LDAP connection will fail.


🔧 #3: Configure LDAP Settings in Snipe-IT

Now log in to Snipe-IT Web UI and configure LDAP settings.

Use the following configuration:

 
Active Directory domain: tsf.local

Ldap server: ldap://tsf.local

Ldap Bind Username: snipe@tsf.local

Ldap Bind Password: Abc@1234

Base Bind DN: DC=tsf,DC=local

Ldap Filter: &(objectClass=person)
 
Ldap Authentication query: sAMAccountName=   (note: fix this field)

 

Explanation:

  • Active Directory domain: Your AD domain name

  • LDAP Server: Must resolve correctly via DNS

  • Bind Username: LDAP service account in UPN format

  • Base Bind DN: Root DN of the domain

  • LDAP Filter: Filters user objects only

  • LDAP Authentication Query: Uses sAMAccountName for login matching

Make sure all values are entered exactly as shown.


🔍 Common LDAP Configuration Checks

If login fails, verify the following:

✔ DNS resolves tsf.local correctly
✔ LDAP port 389 is open
✔ Bind user password is correct
✔ Base DN format is correct
✔ Firewall is not blocking communication

You can also test domain resolution from the Snipe-IT server before troubleshooting further.
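
A pre-flight script for the checks listed above, as an added example (not part of the original guide or of the Snipe-IT project). It uses the lab values from this page; the test account `jdoe` is hypothetical, and the way the LDAP Filter and Authentication query are combined into one search filter is an assumption about how Snipe-IT builds its lookup.

```powershell
# Added example: pre-flight checks for the LDAP settings used in this guide.
$Domain   = 'tsf.local'            # lab values from this page
$DcIp     = '192.168.16.186'
$BaseDn   = 'DC=tsf,DC=local'
$BindUser = 'snipe@tsf.local'
$TestUser = 'jdoe'                 # hypothetical sAMAccountName to look up

# 1. DNS: the domain name must resolve, and the DC should be in the answer.
$dns = Resolve-DnsName -Name $Domain -Type A -ErrorAction Stop
"DNS  : $Domain -> $($dns.IPAddress -join ', ')"
if ($dns.IPAddress -notcontains $DcIp) { Write-Warning "DC $DcIp not in DNS answer" }

# 2. Network / firewall: TCP 389 must be reachable on the DC.
$tcp = Test-NetConnection -ComputerName $DcIp -Port 389 -WarningAction SilentlyContinue
"TCP  : port 389 reachable = $($tcp.TcpTestSucceeded)"
if (-not $tcp.TcpTestSucceeded) { throw 'Port 389 is blocked or the DC is down' }

# 3. Bind: prompt for the password so it is not stored in the script.
#    AuthType Basic is a simple bind; over ldap:// on port 389 without TLS
#    the password crosses the network in cleartext.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$pw   = Read-Host -AsSecureString "Password for $BindUser"
$id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Domain, 389)
$ldap = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
$ldap.AuthType   = [System.DirectoryServices.Protocols.AuthType]::Basic
$ldap.Credential = New-Object System.Net.NetworkCredential($BindUser, $pw)
$ldap.SessionOptions.ProtocolVersion = 3
$ldap.SessionOptions.ReferralChasing = 'None'
try   { $ldap.Bind(); 'BIND : ok' }
catch { throw "Bind failed (check password and UPN): $($_.Exception.Message)" }

# 4. Search: LDAP Filter + Authentication query + user name (assumed composition).
#    Escape filter metacharacters in the user name (RFC 4515).
$safe   = [regex]::Replace($TestUser, '[\\*()\x00]',
              { param($m) '\{0:x2}' -f [int][char]$m.Value })
$filter = "(&(objectClass=person)(sAMAccountName=$safe))"
$req = New-Object System.DirectoryServices.Protocols.SearchRequest -ArgumentList `
           $BaseDn, $filter, 'Subtree', ([string[]]@('sAMAccountName'))
$res = $ldap.SendRequest($req)
"FIND : $($res.Entries.Count) entry(ies) match $filter"
foreach ($e in $res.Entries) { "       $($e.DistinguishedName)" }
$ldap.Dispose()
```

Run it on the Snipe-IT server itself, so the DNS and firewall results reflect the path Snipe-IT will use. A successful bind with zero entries found points at the Base DN or the filter rather than at connectivity.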


🎯 What Happens After LDAP Integration?

Once configured successfully:

  • Domain users can log in using AD credentials

  • No need to create local Snipe-IT accounts manually

  • Authentication becomes centralized

  • Password policies follow Active Directory

  • Disabling an account in AD automatically blocks Snipe-IT access

This significantly improves enterprise security and user management efficiency.


🏢 Why Integrate Snipe-IT with Active Directory?

Benefits include:

✔ Centralized authentication
✔ Simplified user management
✔ Improved security compliance
✔ Automatic onboarding/offboarding
✔ Reduced administrative workload

For organizations already running a Windows Server Domain Controller, LDAP integration is strongly recommended.


🔥 Final Thoughts

Configuring Snipe-IT with Active Directory LDAP on Windows is a critical step for enterprise-ready deployment. With proper DNS configuration, a dedicated LDAP bind account, and correct LDAP settings, integration is straightforward and highly stable.

This tutorial completes the next stage of your Snipe-IT deployment series:

  • P1 – Install on Ubuntu

  • P2 – Install on Windows

  • P3 – Fix 404 & Optimize XAMPP

  • P4 – Configure Active Directory LDAP

By following this guide, your Snipe-IT system is now ready for professional domain-based authentication in a real-world business environment.
