Changes for page LDAP

From version 1.1 >
edited by gru
on 13.03.2019, 15:41
To version < 4.9
edited by gru
on 26.03.2019, 15:12
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -$services.localization.render("PT.Main.LDAP")
1 +LDAP
Content
... ... @@ -1,21 +1,24 @@
1 -In addition to the internal user administration, it is possible to compile user information (master data + authentication) via LDAP (MS Active Directory). This option is activated in "logon settings for users" of the [[client settings>>doc:Mandanteneinstellungen]] and is available only when using a relevant license.Furthermore, the Server to be connected to LDAP objects of the "user" type must be returned at least using the attribute "User Principal Name". Unlike internal users, the master data and password of LDAP users can **not** be changed. This occurs by means of the appropriate standard application.
1 +{{content/}}
2 2  
3 +In addition to the internal user administration, it is possible to compile user information (master data + authentication) via LDAP (MS Active Directory). This option is activated in "User authentication" of the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] and is available only when using an appropriate license. Furthermore, the server to be connected must return LDAP objects of type "user" with at least the attribute "UserPrincipalName". Unlike internal users, the master data and password of LDAP users can **not** be changed. This is still done using the corresponding standard application.
3 3  
4 -==== Configuring the LDAP server on the client ====
5 +{{figure float="right" image="1_en_ClientLDAP.png" width="300" title="Das ist der Titel für dieses Bild" alt="Der alt-Text für das Bild"}}
6 +Anmeldeeinstellungen für Benutzer innerhalb der Mandanteinstellungen mit Meldung über erfolgreiche Verbindungsprüfung.
7 +{{/figure}}
5 5  
6 -{{figure image="066En.png" width="300"/}}
9 +== Configuring the LDAP server on the client ==
7 7  
8 -* In the section //Loginsettings for users// within the [[client settings>>doc:Mandanteneinstellungen]] it is necessary to change the user management to only //LDAP// or //LDAP// and //System// in order to manage users from an LDAP system. Consequently, the connection to the LDAP server is configured:
9 -** **LDAP-Server** Name or IP adress of the LDAP server
10 -** **Port**: Communication port of the LDAP server
11 -** **Entries per page (paging):** Indicates how many LDAP server entries are expected per page. A value of 0 disables this and the server will expect all values
12 -** **Max. Reference-jumps:** Specifies the maximum number of times reference-jumps (Referral hops) are permitted on the LDAP server. A value of 0 disables the tracking of references
13 -** **SSL encryption:** Indicates whether the transport with the LDAP server can/should be carried out using SSL.
14 -** **Users for the user search** This account must have the right to send search queries (user object) to the LDAP server. See also [[create user>>url:http://help4-dev.formcycle.de/xwiki/bin/view/Main/Benutzer]].
15 -** **Password** User password for logging in to the LDAP server.
16 -** **BaseDN for user searc** BaseDN to search for users who are to be authenticated. Example: //ou="intern", dc="firma", dc="de"//
17 -** **Filter query**Optional LDAP filters to apply further restrictions within the set of user objects ([[tutorial>>url:http://www.selfadsi.de/ldap-filter.htm#FilterDef||rel="__blank"]])
11 +In the section //User authentication// within the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] it is necessary to change the user management to //only LDAP// or //LDAP and System mixed// in order to manage users from an LDAP system. Consequently, the connection to the LDAP server is configured:
12 +* **SSL encryption:** Indicates whether the transport with the LDAP server can/should be carried out using SSL.
13 +* **LDAP-Server:** Name or IP adress of the LDAP server
14 +* **Port:** Communication port of the LDAP server
15 +* **User for the user search:** This account must have the right to send search queries (user object) to the LDAP server. See also [[create user>>doc:Formcycle.UserInterface.UserSettings.User.WebHome]].
16 +* **Password:** User password for logging in to the LDAP server.
17 +* **BaseDN for user search:** BaseDN to search for users who are to be authenticated. Example: //ou="internal", dc="company", dc="com"//
18 +* **Filter query:** Optional LDAP filters to apply further restrictions within the set of user objects ([[tutorial>>url:http://www.selfadsi.de/ldap-filter.htm#FilterDef||rel="__blank"]])
19 +* **Entries per page (paging):** Indicates how many LDAP server entries are expected per page. A value of 0 disables this and the server will expect all values
20 +* **Max. referral hops:** Specifies the maximum number of times reference-jumps (Referral hops) are permitted on the LDAP server. A value of 0 disables the tracking of references
18 18  
19 -It is already possible to test the entered data before saving. The "Connection Test" button tests whether a connection to the LDAP server can be set up successfully and indicates the number of user objects found.
22 +== Testing the Connection ==
20 20  
21 -----
24 +It is already possible to test the entered data before saving. The "Check connection" button tests whether a connection to the LDAP server can be set up successfully and a message indicates the number of user objects found.

Navigation

Copyright 2000-2025