LDAP Configuration

In this Topic ShowHide

The Configuration tab specifies the format of the LDAP file and other basic information.

The Configuration tab is divided into the following sections:

• General

• Construct LDAP Query

• LDAP Query String

General Section

The General section consists of the following fields:

Data Source

The data source field provides a drop down box with all the data sources that are in the system. If the search finds more than 20 data sources you will need to search for the correct data source.

Note: This is a required field.

Directory expiration behavior

This section provides the following options:

• • None

In this option no objects or people are marked as expired as a result of the import.  

Note: This is the default.

• • Expire for entire Data Source

If you select this option objects will be marked as expired if they meet the following conditions:

• • • They exist in the Directory.

    • They belong to the Data Source being imported.

    • They are marked as having been imported.

    • They are not in the current import source.

  • Expire for import name

If you select this option objects will be marked as expired if they meet the following conditions:

• • • They exist in the Directory.

    • They belong to the Data Source being imported.

    • They are marked as having been imported.

    • They are not in the current import source by a previous run of the current import configuration as tracked by the configuration’s saved name.

    • They are not in the current import source.

Import People without objects

Click this check box if you want to allow people to be imported without an object (extension, device or auth code).

Retrieve Records for mapping sample

This controls the number of records brought into the mapping sample.  There are often erroneous records received when retrieving records and the sample provides sufficient records so that you can see what is in each field. The default is 25. Allowable values are 10 through 100.

Extension Exclusion List

In this option if any particular extensions are entered in this field they will not be imported.

Construct LDAP Query

The information shown here is read only and is derived from the LDAP Worksheet.

Note: The Worksheet is used to test the LDAP query to ensure you are reading the correct part of the LDAP system and to choose which fields you want to bring over. It is possible that the level of the LDAP directory you are accessing will contain many more fields than you want to import. The LDAP properties lists the fields you have chosen to import in the worksheet.

When you click on the LDAP Worksheet button the following screen will be displayed:

The LDAP Worksheet provides the following required fields and attributes that can be chosen for the import:

Search Base: LDAP://

• • This field requires the url of where the LDAP system resides as well as the part of the system that will be used.  

Note: This is a required field.

Binding/Authentication

• • There are many different authentication models supported by different LDAP systems that are required so as to gain access information from them. The supported options are:  

  • • None

    • Secure (default)

    • Encryption

    • SecureSocketLayer

    • ReadonlySecure

    • Anonymous

    • FastBind

    • Signing

    • Sealing

    • Delegation

    • ServerBind

Search Scope

• • This field provides a drop down list that contains the following options:  

  • • Base: This is the default. This option will search just the base defined in the Search Base text box

    • One Level: This option will search just one level down from the base object.

    • Subtree: This option will search the base object and all levels below.

LDAP Filtering

If you enter in a data string you can further limit the information brought back from the LDAP system.

User Name

• • You need to provide an user name to access the LDAP system.

Password

• • You need to provide a password to access the LDAP system.

Note: This is masked.

Confirm Password

• • You have to confirm the administrator password that was previously entered.

Note: This is masked.

LDAP Query String

• • This displays the query that is being constructed.

Preview <n> records

This controls how many records are brought from the LDAP system for you to view.

Note: If the Hide Properies with no data field is checked then a property that has no data in any of the records, will not be brought in for mapping.

When you click on Go the lower left hand pane is filled with a tree that represents the LDAP directory – LDAP Records. Levels can be expanded and collapsed by clicking on the triangles. If the information brought back is not what you expect, then you can re-enter the information and click Go again.

Unique Properties

On the lower right hand pane is a list of unique properties that can be imported.  You can check the ones that you want to import.

When you have chosen the fields that you want to import, you can then click the OK button which will then return you to the main configuration tab.