LDAP - FORMCYCLE Wiki

author	version	line-number	content
1	{{content/}}
2
3	In addition to the internal user administration, it is possible to compile user information (master data + authentication) via LDAP (MS Active Directory). This option is activated in "User authentication" of the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] and is available only when using an appropriate license. Furthermore, the server to be connected must return LDAP objects of type "user" with at least the attribute "UserPrincipalName". Unlike internal users, the master data and password of LDAP users can not be changed. This is still done using the corresponding standard application.
4
5	{{figure float="right" image="1_en_ClientLDAP.png" width="300" title="Das ist der Titel für dieses Bild" alt="Der alt-Text für das Bild"}}
6	Anmeldeeinstellungen für Benutzer innerhalb der Mandanteinstellungen mit Meldung über erfolgreiche Verbindungsprüfung.
7	{{/figure}}
8
9	== Configuring the LDAP server on the client ==
10
11	In the section //User authentication// within the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] it is necessary to change the user management to //only LDAP// or //LDAP and System mixed// in order to manage users from an LDAP system. Consequently, the connection to the LDAP server is configured:
12	* SSL encryption: Indicates whether the transport with the LDAP server can/should be carried out using SSL.
13	* LDAP-Server: Name or IP adress of the LDAP server
14	* Port: Communication port of the LDAP server
15	* User for the user search: This account must have the right to send search queries (user object) to the LDAP server. See also [[create user>>doc:Formcycle.UserInterface.UserSettings.User.WebHome]].
16	* Password: User password for logging in to the LDAP server.
17	* BaseDN for user search: BaseDN to search for users who are to be authenticated. Example: //ou="internal", dc="company", dc="com"//
18	* Filter query: Optional LDAP filters to apply further restrictions within the set of user objects ([[tutorial>>url:http://www.selfadsi.de/ldap-filter.htm#FilterDef\|\|rel="__blank"]])
19	* Entries per page (paging): Indicates how many LDAP server entries are expected per page. A value of 0 disables this and the server will expect all values
20	* Max. referral hops: Specifies the maximum number of times reference-jumps (Referral hops) are permitted on the LDAP server. A value of 0 disables the tracking of references
21
22	== Testing the Connection ==
23
24	It is already possible to test the entered data before saving. The "Check connection" button tests whether a connection to the LDAP server can be set up successfully and a message indicates the number of user objects found.

In addition to the internal user administration, it is possible to compile user information (master data + authentication) via LDAP (MS Active Directory). This option is activated in "User authentication" of the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] and is available only when using an appropriate license. Furthermore, the server to be connected must return LDAP objects of type "user" with at least the attribute "UserPrincipalName". Unlike internal users, the master data and password of LDAP users can **not** be changed. This is still done using the corresponding standard application.

4

5

{{figure float="right" image="1_en_ClientLDAP.png" width="300" title="Das ist der Titel für dieses Bild" alt="Der alt-Text für das Bild"}}

6

Anmeldeeinstellungen für Benutzer innerhalb der Mandanteinstellungen mit Meldung über erfolgreiche Verbindungsprüfung.

7

8

9

== Configuring the LDAP server on the client ==

10

11

In the section //User authentication// within the [[client settings>>doc:Formcycle.UserInterface.Client.WebHome]] it is necessary to change the user management to //only LDAP// or //LDAP and System mixed// in order to manage users from an LDAP system. Consequently, the connection to the LDAP server is configured:

12

* **SSL encryption:** Indicates whether the transport with the LDAP server can/should be carried out using SSL.

13

* **LDAP-Server:** Name or IP adress of the LDAP server

14

* **Port:** Communication port of the LDAP server

15

* **User for the user search:** This account must have the right to send search queries (user object) to the LDAP server. See also [[create user>>doc:Formcycle.UserInterface.UserSettings.User.WebHome]].

16

* **Password:** User password for logging in to the LDAP server.

17

* **BaseDN for user search:** BaseDN to search for users who are to be authenticated. Example: //ou="internal", dc="company", dc="com"//

18

* **Filter query:** Optional LDAP filters to apply further restrictions within the set of user objects ([[tutorial>>url:http://www.selfadsi.de/ldap-filter.htm#FilterDef||rel="__blank"]])

19

* **Entries per page (paging):** Indicates how many LDAP server entries are expected per page. A value of 0 disables this and the server will expect all values

20

* **Max. referral hops:** Specifies the maximum number of times reference-jumps (Referral hops) are permitted on the LDAP server. A value of 0 disables the tracking of references

21

22

== Testing the Connection ==

23

24

It is already possible to test the entered data before saving. The "Check connection" button tests whether a connection to the LDAP server can be set up successfully and a message indicates the number of user objects found.

Wiki source code of LDAP

Navigation