Documentation for Axxon One 2.0. Documentation for other versions of Axxon One is available too.

Configuring LDAP

To configure the LDAP catalog, do the following:

  1. In the LDAP catalogs group, click Create.


    An LDAP 1 object is added in the system. On the right, a panel displays configuration settings for the LDAP 1 catalog.
  2. In the Name field, enter a name for the catalog.

  3. In the Server name or IP address field, enter the address of the LDAP catalog Server.
  4. In the Port field, enter the connection port of the LDAP catalog Server.
  5. In the Base DN field, enter the Distinguished Name of the branch from which the data search starts.

    Attention!

    • If LDAP users are located in multiple directories with a hierarchical structure, you cannot synchronize all users at the same time.
    • To synchronize each user group within a DN branch, you must specify the path to the corresponding directory.
      For example, LDAP contains a directory Employees and subdirectories Managers, Cashiers and Salesmen:
      • DN branch for synchronizing users within the Managers directory: ou=Managers,ou=Employees,dc=example,dc=com.
      • DN branch for synchronizing users within the Cashiers directory: ou=Cashiers,ou=Employees,dc=example,dc=com.
      • DN branch for synchronizing users within the Salesmen directory: ou=Salesmen,ou=Employees,dc=example,dc=com.
  6. In the User field, enter the name of a user who has read access to the base DN, in LDAP (RDN + DN) format.
  7. In the Password field, enter the user's password.
  8. Set the Use secure connection (SSL) checkbox if you want to use a secure connection (SSL) when connecting to the LDAP catalog.
  9. In the Search filter field, enter a string for filtering catalog entries.

    Attention!

    To upload users by groups, not by catalogs, you must use the MemberOf filter attribute. For example:

    (&(objectClass=user)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))

  10. In the Username attribute field, enter the attribute from which the username is obtained.

    Note

    To search for users by the sAMAccountName attribute, you must enter the attribute in lowercase letters—samaccountname.

  11. In the DN attribute field, enter the attribute from which the user's DN is obtained.

    Note

    You can use Microsoft Active Directory and OpenLDAP LDAP templates in the LDAP templates parameter to specify the username and DN attribute.

  12. In the Role for automatic registration of user field, enter the role to which new users of the LDAP catalog are automatically added. If you don't specify a role, automatic user creation for this catalog is disabled.
  13. Click the Apply button.

The LDAP catalog is added to the system.

To test the connection, click the Test connection button. If the connection is successful, the form in the lower part of the screen displays information about the catalog users.

Otherwise, an error message appears.
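
Added example, not part of the Axxon One documentation or product: Python helpers that build the memberof filter from step 9 with RFC 4515 escaping and check a filter's parentheses before it is entered in the Search filter field. The function names and the group DNs are constructed for illustration.

```python
"""Build and sanity-check the Search filter string for an LDAP catalog."""

# RFC 4515: these characters must be hex-escaped inside a filter value.
_FILTER_SPECIALS = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a literal value so it cannot change the filter's structure."""
    return "".join(_FILTER_SPECIALS.get(ch, ch) for ch in value)


def member_of_filter(group_dn: str, object_class: str = "user") -> str:
    """Return the group-based filter from step 9 for the given group DN."""
    return "(&(objectClass={})(memberof={}))".format(
        escape_filter_value(object_class), escape_filter_value(group_dn)
    )


def filter_problems(search_filter: str) -> list:
    """Return structural problems found; an empty list means well-formed."""
    problems = []
    text = search_filter.strip()
    if not text.startswith("("):
        problems.append("filter must start with '('")
    depth = 0
    for pos, ch in enumerate(text):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                problems.append("unmatched ')' at offset %d" % pos)
                return problems
            if depth == 0 and pos != len(text) - 1:
                problems.append("trailing text after offset %d" % pos)
                return problems
    if depth > 0:
        problems.append("%d unclosed '('" % depth)
    return problems


if __name__ == "__main__":
    # Constructed sample group DNs, not taken from a real directory.
    for dn in ("CN=YourGroup,OU=Users,DC=YourDomain,DC=com",
               "CN=Ops (Night),OU=Users,DC=YourDomain,DC=com"):
        f = member_of_filter(dn)
        print(f, filter_problems(f) or "ok")
```

A group name that contains parentheses or an asterisk is the usual reason a hand-typed filter fails or matches more entries than intended; the escaped form keeps those characters inside the value.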

Copying the LDAP catalog

To copy a catalog with all settings, do the following:

  1. Click the name of the catalog that you want to copy.
  2. Click the Create button.

A new catalog with identical settings is created. The default name of the new catalog is LDAP 1, LDAP 2, and so on, depending on the number of previously created catalogs.

Removing the LDAP catalog

To remove a catalog, do the following:

  1. Click the name of the catalog that you want to remove.
  2. Click the Remove button.

The selected catalog is removed.
