Hideez Directory Proxy (Active Directory Connector)

Overview

The Hideez Directory Proxy allows you to connect Microsoft Active Directory (AD) with Hideez Tenant. It retrieves users from your AD domain and synchronizes them into the server for centralized identity and access management.

Prerequisites

Before installing Hideez Directory Proxy, make sure the following requirements are met:

  • Supported operating systems:

    • Microsoft Windows Server (2012 R2, 2016, 2019, 2022)

    • Windows 8, Windows 10, Windows 11 (the installer is provided as a .exe package and runs only on Windows systems)

Note: Visual C++ Redistributable must be installed on your workstation or server.

  • Installation location:

    • For best performance, it is recommended to install the connector on the Active Directory Domain Controller or another server with network access to the Domain Controller.

  • Permissions:

    • The connector requires an Active Directory account with read-only permissions.

    • It only retrieves the list of users from AD and does not modify any objects or attributes.

  • Network:

    • Stable network connectivity between the Hideez Directory Proxy host and the Hideez Tenant over HTTPS (TCP port 443).

Setup Instructions

Step 1. Download and Install

Step 2. Configure Connection

  • Launch the Hideez Directory Proxy application.

  • Enter the following details:

    • Remote Server URL – the address of your Hideez Tenant.

    • API Key – the key generated in the Hideez Tenant.

    • Active Directory Connection Details – specify:

      • Host (Full AD domain name)

      • Username (AD account with prefixed domain name with read access to users)

      • Password

  • Click Connect to server.

Important: The Hideez Directory Proxy has a console-based user interface that requires ANSI support. Even if your terminal does not support ANSI (e.g., Windows Server 2012), the configuration and Windows service will still be created.

  • When the connection succeeds, click Finish.

Attention: Connection to Active Directory (AD) uses the LDAPS protocol on port 636. This SSL connection requires a valid certificate for your local AD domain. If no valid certificate exists, the connection to AD may fail.

In this case, you can generate a self-signed certificate and add it to the trusted store. To do this:

  1. Open PowerShell on the Domain Controller.

  2. Run the following command:

    New-SelfSignedCertificate -DnsName <AD host name>.<your AD fully qualified domain name>, <AD host name> -CertStoreLocation cert:\LocalMachine\My

  3. Run certlm.msc.

  4. Copy your newly generated certificate from Personal\Certificates to Trusted Root Certification Authorities\Certificates.

  5. Wait a few minutes for synchronization to complete.

Step 3. Run as Windows Service

Once configuration is complete, you can run the connector as a service:

  1. Close the application window.

  2. Press Win + R, type services.msc, and press Enter.

  3. In the list, find Hideez Directory Proxy.

  4. Right-click the service and select Start.

This ensures the connector runs continuously in the background and synchronizes AD users with the Hideez Tenant.

UI Reference

Note: If your terminal does not support ANSI and you encounter an error message, you can download and use an alternative terminal, such as ConEmu, to run the application.

When you run Hideez Directory Proxy, the console menu provides the following options:

  • Connect to server – starts synchronization with the Hideez Tenant using the configured settings.

  • Edit configuration – allows you to update the remote server URL, API key, or Active Directory connection details.

  • Delete configuration – removes the current configuration so you can create a new one.

  • Exit application – closes the application.

Last updated