Versions Compared

Old Version 1

changes.mady.by.user Chieko Sugizaki

Saved on

compared with

New Version 2

changes.mady.by.user Chieko Sugizaki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2022.2

...

Base DN

The base DN is the context DN (distinguished name) where the directory objects reside. If empty, User Administration will use the root DN of the directory tree. Organizational units (ou) and domain components (dc) are used to define directory tree structures.

The following example shows how an organization could structure its directory:

ou=US,ou=People,dc=company,dc=com

ou=Europe,ou=People,dc=company,dc=com

ou=Asia,ou=People,dc=company,dc=com

In this example, you would enter the following base DNs to scan users from Europe and Asia only.

ou=Europe,ou=People,dc=company,dc=com

ou=Asia,ou=People,dc=company,dc=com

Filter

Enter an expression in the Filter field to search on specific parameters. Searches are performed on the base DN(s) and specified scope. The following examples describe some of the ways filters can be used:

Simple filter for users under provided base DN:

(objectclass=person)

Find "devel1" and "devel2" users only:

(objectclass=devel1)(objectclass=devel2)

Find users that are members of group "Managers":

(objectclass=person)(memberOf=cn=Managers,cn=Users,ou=company,ou=com))

Restrict To GroupsEnable this option to import only the users that belong to a group specified in the Group Import Settings. Users that do not belong to a group configured in Group Import Settings will not be imported.

Attribute Mappings

The attributes mapping section defines how User Administration attributes (i.e., user login name, first name, last name, and email) map to directory object attributes (i.e., uid, givenName, sn, and email). You can use the defaults mappings or configure the attributes to align with your LDAP server. Refer to the documentation for your LDAP LDAP server .

Username

This field is used for the login name in User Administration. The the uid attribute is commonly used to identify users in LDAP servers. In Active Directory, the sAMAccountName attribute is used as the client login name. When importing users, usernames are limited to 70 characters.

Default is uid.

First Name

This field is used for the the users' first name in User Administration. The givenName attribute is commonly used to specify users' first name in LDAP servers. When importing users, first names are limited to 49 characters.

Default is givenName.

Last Name

This field is used for the users' last name (surname) in User Administration. The sn attribute is commonly used to specify users' last name in LDAP servers. Default is sn. When importing users, last names are limited to 81 characters.

Email Address

This field is used for the users' email address in User Administration. The mail attribute is commonly used to specify users' email address in LDAP servers. Default is mail. When importing users, email addresses are limited to 256 characters.  

Member Of

This field is used to associate users in User Administration with LDAP groups. Default is memberOf. See Advanced Settings for additional information.

...

  1. Click User Directories on the User Administration home screen.
  2. Click the import button for the directory you want to import. 

  3. Review the users to be imported and click Next to proceed or Cancel to exit without importing. Note that there are character limits for the following attributes:

  4. Username: 70 characters

  5. First Name: 49 characters
  6. Last Name: 81 characters
    7. Email: 256 characters

     

    Info

    Attributes associated with existing users will be overwritten with data from the LDAP server.

  7. Review the user groups to be imported. Click on the disclosure triangle to view the users within a group.
  8. Click Next to review the import settings. 
  9. Click Import to begin importing users. 

...