# LDAP Provisioning The Keeper Bridge is an enterprise-class service application that supports the ability to automatically sync Nodes, Users, Roles and Teams to your Keeper Enterprise account from an LDAP service. To activate and install the Keeper Bridge, follow the below steps: 1. Login to the [Admin Console](https://keepersecurity.com/console). 2. Create a Node (under the root node) to sync with your Active Directory. 3. Visit the **Provisioning** tab and select **Add Method** and then select **LDAP Sync**. 4. Download the Keeper Bridge and proceed with setup. {% hint style="info" %} For detailed Bridge setup and install instructions see our [Keeper Bridge Guide](https://docs.keeper.io/keeper-bridge). {% endhint %} ![Keeper Bridge for LDAP Provisioning](https://4290574019-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LO5CAzpxoaEquZJBpYz%2F-M6683UrICxoPET-UG1M%2F-M668TF_xUPTEEoKPBIH%2Fldap_support.jpg?alt=media\&token=47971ce9-2bba-4408-950b-5a905f009478) * The Keeper Bridge does not authenticate users into their vault with their LDAP password. For seamless user authentication, consider our [Keeper SSO Connect](https://docs.keeper.io/en/enterprise-guide/user-and-team-provisioning/single-sign-on-saml-2.0-authentication) add-on as described in the next section which authenticates against Active Directory via AD FS.
* Automated Team provisioning requires the Keeper Administrator to authenticate on the Keeper Bridge. The Bridge will poll for users who have created their Keeper account after invitation, then the Bridge will encrypt the Team Key with the user's public key, and distribute the Team Key to the user. Once any member of the team logs into the Vault, all members of that team are approved.
* Once the Keeper Bridge is syncing, we recommend not making manual user or team changes directly on the Admin Console. Delegate all user and team provisioning to the bridge through the LDAP Directory. Role enforcement policy changes should still be made on the Admin Console --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.keeper.io/en/enterprise-guide/user-and-team-provisioning/ldap-provisioning.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.