taylor laubach


LDAP Integration Builder


Reduce failure rates in users configuring integrations to LDAP directories


Got requirements from PM. Collaborated with Eng to understand technical constraints and capabilities.


System-oriented setup

Users wanted to set up LDAP integrations which could read and write to their LDAP directories. Doing this required telling the system how their directory was configured. Many users were unable to complete setup or, worse, completed setup only to find that some or all of their functionality was not working.



I explored how the directories are set up, what people struggled with, and what we could find out about a given directory without asking the user. It turns out that LDAP is a very open-ended standard. LDAP directories have very few standard-defined parameters, so we needed the user to provide most of the configuration information.

Humans had to produce system values

Competitive analysis showed that most other implementations had simply given users a long form with simple text input fields. In talking to admins it was clear that they often were unsure of what a field was actually asking for. When they knew what a field was asking for, they were sometimes unsure of what value to put in. And when they knew the value, it was sometimes unclear how to format it. It was clear that we needed to give them suggested values, but it was not possible for us to find out the values without user input.


Match system capabilities to human strengths

The solution was to flip the validation process. Normally, a safe LDAP integration process would have an admin put in information and then would use that information to find an object in the directory and test the configuration against the values of that object. I realized that we could search the directory first. The main directory entities that needed to be manipulated were user objects and group objects. If the admin identified for us a user object and a group object, that would give us, for each field, a limited number of possible options. We could format them exactly as we needed them, and the user simply had to identify them in a dropdown. This made the setup wizard effectively foolproof. It wouldn't be possible to put in a value which wouldn't work.

In addition, I broke the setup into small, conceptually consistent sections, renamed some of the fields, and added comprehensive explanations and documentation for each field. User tests have shown that this new setup wizard is easy to use and quickly gets the user through the setup process.

Users can easily recognize important objects

Setup focused on a user performing a search and then telling the system which objects are which

Picture of user object search and selection.

After picking an object, a user just had to recognize the relevant values

Picture of screen for defining group objects.