Synchronize User Configuration with LDAP Server Dialog

In this dialog, you use LDAP to transfer groups and users from the external user management of the company and set up the connection settings for the automatic synchronization.

Purpose

Use the Synchronize User Configuration with LDAP Server dialog to adopt groups and/or users from your company's external user management via LDAP.

If your network's user administration uses the Lightweight Directory Access Protocol (LDAP), you can load and update user names from this source (only available for Windows). You also require other data to do this, which you can request from the system administrator.

You can use automatic synchronization for regularly keeping it up-to-date. To do this, save the connection settings to the LDAP server.

Prerequisites

In order to call the central user management on the main license server in the administration program and use its functions, you must be logged-in to the license server as an administrator or your user must have the Manage Users right (normally as a group member).

Call

Select the Synchronize User Configuration with LDAP Server option in the Manage Users program.

Structure

The dialog consists of the header with the login data for the LDAP server, the tabs for loading and selecting groups and/or users for the import and buttons.

Header

  • Server input field

    Enter the LDAP server's address using <name>.<company> format or as an IP address.

  • Use Windows Authentication for Login check box

    Activated by default. The login to the LDAP server takes place with the current Windows authentication of the user.

    To use another Windows authentication, this check box must be deactivated. Input fields for the Windows authentication to be used then appear.

  • User Name input field

    This appears only if the Use Windows Authentication for Login check box is deactivated.

    User name for login to LDAP server.

  • Password input field

    This appears only if the Use Windows Authentication for Login check box is deactivated.

    Password for login to LDAP server.

Groups Tab

Contains data on the loaded groups and assigned users, and enables the selection of obsolete, non-existent groups for the import from the LDAP server.

  • Branch input field

    Enter the base DN as the starting point in the LDAP directory structure using dc=company,dc=domain format.

    Restricts access to the LDAP directory structure.

  • Filter Expression input field

    Filter in the form <LDAP attribute1>=<attribute1>, <LDAP attribute2>=<value2>,....

    Restricts loading and importing to certain groups and their users.

  • Load button

    Loads the group/user data from the LDAP server with the current login and connection data.

  • Groups table

    Displays the loaded groups.

    • Display field (#/#)

      Display of number of displayed groups and total number of loaded groups.

    • <Filter> input field

      Filter field for restricting the group table display.

    • Selection column

      Check box for the import.

      Only obsolete and non-existent groups can be selected for the import.

    • Name column

      For LDAP groups, the group name is the name on the LDAP server.

    • Domain column

      Required on Windows to determine the user name along with the system login and to authenticate the user.

    • State of the Entry column

      Displays the state of the group in the central user management with respect to the loaded group of the same name.

      • up-to-date

        The Innovator group and its user data match the LDAP group of the same name.

      • outdated

        The Innovator group and its user data do not match the LDAP group of the same name.

      • not contained

        There is no Innovator group of the same name.

  • Members table

    The users are loaded from the LDAP server with the current connection settings if the group is selected or imported.

    Only obsolete and non-existent users are imported.

    • System Login column

      Name of the user in the system (Windows user name); is used together with the domain.

      This name is the basis of the comparison between the Innovator and LDAP users.

    • User Name in Model column

      Display name assigned which is used for logging-in users into models if the Single Sign-On property is activated for the repository and the entry in the System Login column corresponds to the system login. If no name is given, then the system login is used.

    • State of the Entry column

      • State of the Entry column

        Displays the state of the user in the central user management with respect to the LDAP user of the same name.

        • up-to-date

          The Innovator user and its data match the LDAP user of the same name.

        • outdated

          The user data of the Innovator user does not match that of the LDAP user of the same name with regard to group assignments, for example.

        • not contained

          There is no Innovator user of the same name.

Users Tab

Contains data on the loaded users and enables the selection of obsolete, non-existent users for the import from the LDAP server.

  • Branch input field

    Enter the base DN as the starting point in the LDAP directory structure using dc=company,dc=domain format.

    Restricts access to the LDAP directory structure.

  • Filter Expression input field

    Filter in the form <LDAP attribute1>=<attribute1>, <LDAP attribute2>=<value2>,....

    Restricts loading and importing to certain groups and their users.

  • Load button

    Loads the user data from the LDAP server with the current login and connection data.

  • Users table

    Only obsolete and non-existent users are imported.

    • Display field (#/#)

      Display of number of displayed users and total number of loaded users.

    • <Filter> input field

      Filter field for restricting the user table.

    • Selection column

      Check box for the import.

      Only obsolete and non-existent users can be selected for the import.

    • System Login column

      Name of the user in the system (Windows user name); is used together with the domain.

      This name is the basis of the comparison between the Innovator and LDAP users.

    • Domain column

      Required on Windows to determine the user name along with the system login and to authenticate the user.

    • User Name in Model column

      Display name assigned which is used for logging-in users into models if the Single Sign-On property is activated for the repository and the entry in the System Login column corresponds to the system login. If no name is given, then the system login is used.

    • State of the Entry column

      • State of the Entry column

        Displays the state of the user in the central user management with respect to the LDAP user of the same name.

        • up-to-date

          The Innovator user and its data match the LDAP user of the same name.

        • outdated

          The user data of the Innovator user does not match that of the LDAP user of the same name with regard to group assignments, for example.

        • not contained

          There is no Innovator user of the same name.

Buttons

  • Save Connection button

    Saves the current login data (server, Windows authentication) and connection data (branch, filter expression) locally for use with a user management command line call for automated synchronization when required.

  • Import button

    Active if groups or users have been selected for the import.

    Imports the selected groups and their users with the status outdated or not contained from the LDAP server if the Groups tab is in the foreground.

    Imports the selected users with the status outdated or not contained from the LDAP server if the Users tab is in the foreground.

  • Close button

    Closes the dialog Synchronize User Configuration with LDAP Server.

Processes Supported

Related Topics Link IconRelated Topics