AgileApps Support Wiki Pre Release

Difference between revisions of "LDAP Configuration"

From AgileApps Support Wiki
imported>Aeric
imported>Aeric
Line 28: Line 28:
:* '''User DN -'''  
:* '''User DN -'''  
:* '''User DN Filter -'''  
:* '''User DN Filter -'''  
::: The <tt>&category=person</tt> and <tt>object(Class=User)</tt> parameters do not need to be specified. They are included automatically.
::: The <tt>(objectCategory=person)</tt> and <tt>(objectClass=user)</tt> parameters do not need to be specified. They are included automatically.


:* '''Group DN -'''  
:* '''Group DN -'''  
:* '''Group DN Filter -'''  
:* '''Group DN Filter -'''  
::: The Group search: <tt></tt>
::: The Group search: <tt></tt>
::: The <tt>&group=</tt> parameter does not need to be specified. It is included automatically.
::: The <tt>(objectCategory=group)</tt> parameter does not need to be specified. It is included automatically.


:* '''Default Team -'''  
:* '''Default Team -'''  

Revision as of 00:31, 21 November 2013

GearIcon.png > Administration > Account Management > LDAP Configuration

If the enterprise has an LDAP server, the platform can be configured to automatically recognize selected users when they log in.

Considerations and Limitations

  • Active Directory is currently supported. Open LDAP is under development.
  • A single LDAP server is supported, currently.
  • The search for a matching user ____. It cannot span multiple ___s, as yet--so a CN entry must be included either in the search DN or the filter.
  • The user's Team cannot currently be configured using LDAP attributes. The default team is always used.

How LDAP Works

User Experience

Effect on Platform Operations

Configuring LDAP

  1. Examine the configuration settings below to see which user attributes can be populated from LDAP.
  2. Create attributes for those settings in your LDAP server.
  3. Go to GearIcon.png > Administration > Account Management > LDAP Configuration
  4. Fill in the configuration settings
  5. Click [Save]

Configuration Settings

  • Server Type - Active Directory (default)
  • Server URL - The server domain and optional portal. Secure portal #636 is the default. Ex: LDAP:998
  • Login DN -
  • Password -
  • Starting Search Directory -
  • User DN -
  • User DN Filter -
The (objectCategory=person) and (objectClass=user) parameters do not need to be specified. They are included automatically.
  • Group DN -
  • Group DN Filter -
The Group search:
The (objectCategory=group) parameter does not need to be specified. It is included automatically.
  • Default Team -
  • Default Access Profile -
  • LDAP Attribute for Access Profile -
Note: The field must contain the role's record ID, not the name of the role.
  • Default Application -
  • LDAP Attribute for Application -
Note: The field must contain the role's record ID, not the name of the role.
  • Default Role -
  • LDAP Attribute for Role - The name of an LDAP field that designates the user's role in the default application.
Note: The field must contain the role's record ID, not the name of the role.

Thumbsup.gif

Tip: To get record IDs, use the following procedure:

  1. Navigate to the object in question (Access Profiles, Applications, or Roles)
    GearIcon.png > Objects > {object}
  2. Edit the default view or create a new view for your use.
  3. Modify the view to include the Record ID field.
  4. View the entries in that object
  5. Take the record ID from the column you added to the view.