LDAP/AD Server Synchronization Configuration


 

After the LDAP rule is configured, you need to configure the LDAP server synchronization parameters. These include the organizational units (OUs) from which the users need to be imported, the schedules for running the LDAP rule, and whether to perform a full synchronization (full import) or an incremental synchronization (only changes).

 

 


 

  1. Click Add to configure the LDAP server synchronization.

 


LDAP Configuration

 

| Sr. No | Field Name | Description |
|---|---|---|
| 1 | Configuration Name | Configuration name for the LDAP import rule. |
| 2 | LDAP Rule | Choose the configured LDAP rule. |
| 3 | Organizational Unit | Select the organizational unit as 'List'. A list of the organizational units present on the LDAP/AD server is presented. Mark the checkbox against every OU from which users have to be imported. If an OU is deeply nested in the OU tree, it may be difficult to select; in that case, enter the specific OU by selecting the organizational unit as 'Custom'. Refer to Custom LDAP Configuration for more details. |
| 4 | Notification | Check the 'Notify on user status change' box and select the notification profile to send mail alerts to the users specified in the profile in the next synchronization operation. Note: 1. Set the global settings key value 'LDAP user status alert notification' as required. 2. Set the value of the global settings key 'Number of mail notification LDAP user status alert' to the number of mails to be sent as notification. |
| 5 | Incremental Sync Scheduler | Select the Enable option to display the time scheduler box. The ‘Incremental Sync’ can then be scheduled at the desired time, as required. |
| 6 | Full Sync Scheduler | Select the Enable option to display the time scheduler box. The ‘Full Sync’ can then be scheduled at the desired time, as required. |

 

 

Note: For every domain controller, there can be only one rule, but there can be many configurations for the same LDAP rule.

Custom LDAP configuration

 

[Screenshot: ldap_custom.gif]

| Sr. No | Field Name | Description |
|---|---|---|
| 1 | Configuration Name | Configuration name for the LDAP import rule. |
| 2 | Default User Role | Select the default user role. If no role is selected, all the users are imported with the role 'User'. Selecting a role will always map the users to the selected role. LDAP sync and local role changes will not be preserved. |
| 3 | LDAP Rule | Choose the configured LDAP rule. |
| 4 | Organizational Unit | Select the organizational unit as 'Custom'. |
| 5 | Domain Controller | Enter the domain controller name as specified in Active Directory. |
| 6 | Custom OU | Enter the OUs under Active Directory, separated by commas, from which the users have to be imported. In the above example, test_OU is the parent OU, test_ou is sub OU 1 and 03_ou is the OU from which users have to be imported. |

 

 

  1. Select one or more configurations and click on 'Delete' to delete the configuration.

  2. Click 'Incremental Sync' to perform an ‘On Demand’ operation when the list of users changes or in case of any modifications to the existing lists.

  3. Click 'Full Sync' to perform an ‘On Demand’ operation when the complete list of users needs to be imported.