Versions Compared

Old Version 1

changes.mady.by.user Yulia Morozova

Saved on

compared with

New Version Current

changes.mady.by.user Yulia Morozova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In the LDAP catalogs group, click Create....


    An LDAP object is added in the system. On the right, a panel displays configuration settings for the LDAP catalog.
  2. Enter a name for the catalog in the appropriate field (1).

  3. Enter the address of the LDAP catalog server (2) and port (3).

  4. In the Base DN field, enter the Distinguished Name of the branch from which to start search (4).

    Note
    titleAttention!

    If LDAP users are located in multiple directories with a tree-like structure, you cannot establish instant synchronization across all users.

    To synchronize each user group within a DN branch, you have to specify the path to the corresponding directory.

    For example, LDAP contains a directory Employees including subdirectories Managers, Cashiers and Salesmen.

    DN branches for synchronizing users within Managers directory: ou=Managers,ou=Employees,dc=example,dc=com.

    DN branches for synchronizing users within Cashiers directory: ou=Cashiers,ou=Employees,dc=example,dc=com.

    DN branches for synchronizing users within Salesmen directory: ou=Salesmen,ou=Employees,dc=example,dc=com.

     

  5. Enter the name of a user who has write access to the base DN, in LDAP format (RDN + DN) with password (5).
  6. If encryption (SSL) is required for connecting to the LDAP server, select the corresponding check box (6).

  7. In the Search filter field, enter a string for filtering catalog entries (7).

    Note
    titleAttention!

    To upload users by groups, not by directories, you should use the Member Of filter attribute. For example:

    (&(objectClass=user)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com).


  8. In the Username attribute field, enter the field from which the user's login is obtained (8).

    Info
    titleNote

    To search users by attribute sAMAccountName, enter their names in small letters – samaccountname.


  9. In the DN attribute field, enter the field from which the user's DN is obtained (9).

    Info
    titleNote

    To set a login and DN attribute, you can use Microsoft Active Directory and OpenLDAP LDAP templates. To use a template, click the relevant link (10).


  10. Specify a default user role for users created via LDAP (11). If no role is specified, no automatic user creation will be possible for this catalog.

  11. Сlick the Apply button.

...