The CData MCP Server for Microsoft Active Directory defines each connection to Microsoft Active Directory as a named configuration that Claude can use when sending natural language queries.

You create and manage these configurations using the MCP Configuration Tool. The tool automatically handles formatting, storage, and registration with Claude Desktop.

Understanding Connection Configurations

Each connection configuration is stored in a .mcp file. This file includes the details needed to initialize the connector when Claude starts a session.

• On Windows, configuration files are stored in "~/AppData/Roaming/CData/Microsoft Active Directory Data Provider/".
• On macOS, configuration files are stored in "~/Library/Application Support/CData/Microsoft Active Directory Data Provider/".

The .mcp file is a text file that contains a list of connection properties and a timestamp. For example:

#Tue May 20 15:48:40 EDT 2025
AuthScheme=Basic
User=myUser
Password=myPassword
Security Token=myToken

The configuration tool handles these settings automatically. Each saved configuration enables Claude to launch a dedicated MCP Server instance with the correct connector and options. Manual file editing is not required.

Connecting to Microsoft Active Directory

Set Server and Port for basic connectivity. Additionally, you can fine-tune the connection with the following:

• FollowReferrals: When set, the server surfaces data as views from only referral servers. To modify data on a referral server, you must specify this server with Server and Port.
• LDAPVersion: Set this to the version of the protocol your server implements; by default, the server uses version 2.

Authenticating to Microsoft Active Directory

To authenticate requests, set the User and Password properties to valid Microsoft Active Directory credentials (e.g., set User to Domain\\BobF or cn=Bob F,ou=Employees,dc=Domain).

The server uses plaintext authentication by default, since the server attempts to negotiate TLS/SSL with the server. You can specify another authentication method with AuthMechanism.

See SSL Configuration for more information on TLS/SSL configuration.

Fine Tuning Data Access

The following properties control the scope of data returned:

• BaseDN will limit the scope of LDAP searches to the height of the distinguished name provided. Note: Specifying a narrow BaseDN may greatly increase performance; for example, a value of cn=users,dc=domain will only return results contained within cn=users and its children.
• Scope: This property enables more granular control over the data to return from a subtree.

Customizing Tables

The server surfaces the columns most often needed from Microsoft Active Directory entities. However, if you need to work with other data, the tables are easy to modify. Tables are defined in schema files, which have a simple format.

See Working with Active Directory Tables for a guide to extending the default schemas or writing your own. To use custom schemas, set the Location property to the folder containing the schema files.