AgileApps Support Wiki Pre Release

Difference between revisions of "LDAP Configuration"

From AgileApps Support Wiki
imported>Aeric
imported>Aeric
Line 43: Line 43:
:* '''Default Access Profile -'''  
:* '''Default Access Profile -'''  
:* '''LDAP Attribute for Access Profile -'''  
:* '''LDAP Attribute for Access Profile -'''  
:: '''Note:''' The field must contain the role's ''record ID'', not the name of the role.
::: The LDAP attribute must contain the role's ''record ID'', not the name of the role.


:* '''Default Application -'''  
:* '''Default Application -'''  
:* '''LDAP Attribute for Application -'''  
:* '''LDAP Attribute for Application -'''  
:: '''Note:''' The field must contain the role's ''record ID'', not the name of the role.
::: The LDAP attribute must contain the role's ''record ID'', not the name of the role.


:* '''Default Role -'''  
:* '''Default Role -'''  
:* '''LDAP Attribute for Role -''' The name of an LDAP field that designates the user's role in the default application.  
:* '''LDAP Attribute for Role -''' The name of an LDAP field that designates the user's role in the default application.  
:: '''Note:''' The field must contain the role's ''record ID'', not the name of the role.
::: The LDAP attribute must contain the role's ''record ID'', not the name of the role.
 
{{Tip|To get record IDs, use the following procedure:
{{Tip|To get record IDs, use the following procedure:
# Navigate to the object in question (Access Profiles, Applications, or Roles)
# Navigate to the object in question (Access Profiles, Applications, or Roles)

Revision as of 00:34, 21 November 2013

GearIcon.png > Administration > Account Management > LDAP Configuration

If the enterprise has an LDAP server, the platform can be configured to automatically recognize selected users when they log in.

Considerations and Limitations

  • Active Directory is currently supported. Open LDAP is under development.
  • A single LDAP server is supported, currently.
  • The search for a matching user ____. It cannot span multiple ___s, as yet--so a CN entry must be included either in the search DN or the filter.
  • The user's Team cannot currently be configured using LDAP attributes. The default team is always used.

How LDAP Works

User Experience

Effect on Platform Operations

Configuring LDAP

  1. Examine the configuration settings below to see which user attributes can be populated from LDAP.
  2. Create attributes for those settings in your LDAP server.
  3. Go to GearIcon.png > Administration > Account Management > LDAP Configuration
  4. Fill in the configuration settings
  5. Click [Save]

Configuration Settings

  • Server Type - Active Directory (default)
  • Server URL - The server domain and optional portal. Secure portal #636 is the default.
For example: our.LDAPserver:998
  • Login DN -
  • Password -
  • Starting Search Directory -
  • User DN -
  • User DN Filter -
The (objectCategory=person) and (objectClass=user) parameters do not need to be specified. They are included automatically.
  • Group DN -
  • Group DN Filter -
The Group search:
The (objectCategory=group) parameter does not need to be specified. It is included automatically.
  • Default Team -
  • Default Access Profile -
  • LDAP Attribute for Access Profile -
The LDAP attribute must contain the role's record ID, not the name of the role.
  • Default Application -
  • LDAP Attribute for Application -
The LDAP attribute must contain the role's record ID, not the name of the role.
  • Default Role -
  • LDAP Attribute for Role - The name of an LDAP field that designates the user's role in the default application.
The LDAP attribute must contain the role's record ID, not the name of the role.

Thumbsup.gif

Tip: To get record IDs, use the following procedure:

  1. Navigate to the object in question (Access Profiles, Applications, or Roles)
    GearIcon.png > Objects > {object}
  2. Edit the default view or create a new view for your use.
  3. Modify the view to include the Record ID field.
  4. View the entries in that object
  5. Take the record ID from the column you added to the view.