Connecting an LDAP catalog
For LDAP users to work in the system, you must configure access to LDAP catalogs.
To create an LDAP catalog, do the following:
- Go to the System settings tab → LDAP.
- Click the Add a new LDAP catalog button.
A window with LDAP catalog settings opens:
Field: Description
Source name: Specify the catalog name.
Admin name: Enter the name of the user who has read access from the base DN in LDAP format (RDN + DN).
Admin password: Enter the user password.
LDAP attribute distinguish name: Enter the attribute from which the user's DN is identified.
LDAP attribute user login: Enter the attribute from which the user name is identified.
  Note
  To search for users by the sAMAccountName attribute, you must enter it in lowercase letters: samaccountname.
LDAP attribute user name: Enter the attribute user name that the user sees after synchronization.
LDAP server network name: Enter the IP address or network name of the LDAP server. If the server uses the SSL/STLS protocol mode, you can use only the network name.
Port: Enter the port to connect to the LDAP catalog server.
Search base distinguish name: Enter the DN of the branch (Distinguished Name) from which you want to start the data search.
  Attention!
  - If users in LDAP are located in several directories with a hierarchical structure, you cannot synchronize all users at the same time.
  - To synchronize each user group in the DN branch, you must specify the path to the appropriate directory.
  For example, LDAP has a directory called Employees and subdirectories called Managers, Cashiers, and Salespersons:
  - DN of the branch to synchronize users of the Managers directory: ou=Managers,ou=Employees,dc=example,dc=com.
  - DN of the branch to synchronize users of the Cashiers directory: ou=Cashiers,ou=Employees,dc=example,dc=com.
  - DN of the branch to synchronize users of the Salespersons directory: ou=Salespersons,ou=Employees,dc=example,dc=com.
Search filter: Enter the filter string of entries in the catalog.
  Attention!
  To download users by groups rather than by catalogs, you must use the MemberOf attribute in the filter. For example:
  (&(objectClass=user)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))
Checkbox Use SSL: Set the checkbox if you want to use a secure connection (SSL) when you connect to the LDAP catalog.
- You can also specify the settings to automatically synchronize the LDAP catalog. Without these settings, you must perform synchronization manually. To configure synchronization, do the following:
  - Click the Sync schedule button.
  - From the Time zone drop-down list, select the time zone for synchronization.
  - In the Start time field, set the start time of synchronization.
  - Select the periodicity of synchronization:
    - Select Weekly and select the days on which you want synchronization to be performed.
    - Select Interval in hours and select the time when you want synchronization to be performed again.
- Click the APPLY button.
As a result, the LDAP tab displays the catalog that you added.
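A pre-flight check of the values described in the settings table above, as an added example that is not part of the product or its documentation. The function names and the keys of the settings dictionary are hypothetical, and the sample values are constructed.

```python
import ipaddress

# RFC 4515 escapes for characters that would otherwise change the filter's structure.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    return "".join(_ESC.get(ch, ch) for ch in value)

def group_filter(group_dn, object_class="user"):
    """Build the memberof filter shown in the table for one group DN."""
    return "(&(objectClass=%s)(memberof=%s))" % (
        escape_filter_value(object_class), escape_filter_value(group_dn))

def search_bases(parent_dn, subdirs):
    """One search base DN per subdirectory, as in the Employees example.
    Assumes the subdirectory names contain no DN special characters."""
    return ["ou=%s,%s" % (name, parent_dn) for name in subdirs]

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_settings(cfg):
    """Return the problems found in the hypothetical settings dict `cfg`."""
    problems = []
    attr = cfg["login_attr"]
    if attr.lower() == "samaccountname" and attr != "samaccountname":
        problems.append("login attribute must be lowercase: samaccountname")
    if cfg["use_ssl"] and is_ip(cfg["server"]):
        problems.append("SSL is enabled: enter the network name, not an IP address")
    depth = 0
    for ch in cfg["filter"]:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            break
    if depth != 0:
        problems.append("search filter has unbalanced parentheses")
    return problems

# Constructed sample values, not taken from a real directory.
SAMPLE = {"login_attr": "sAMAccountName", "server": "192.0.2.10", "use_ssl": True,
          "filter": group_filter("CN=Ops (EU),OU=Users,DC=example,DC=com")}

if __name__ == "__main__":
    print(check_settings(SAMPLE), SAMPLE["filter"])
```

The group name in the sample contains parentheses, which is why the value is escaped before it is placed in the filter.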
Viewing users
To view the users of the catalog, click the LDAP catalog users button. As a result, the list of all users is displayed.
User synchronization
If you don’t specify the settings for automatic synchronization when you create the LDAP catalog, synchronization must be performed manually. To do this:
- Click the Manually sync users button.
- In the window that opens, click the Yes button.
As a result, the list of users is synchronized.
Deleting an LDAP catalog
To delete an LDAP catalog, do the following:
- Click the Delete button.
- In the window that opens, click the Yes button.
As a result, the selected LDAP catalog is deleted.