
One can integrate an LDAP directory with iDNA Applications in order to allow users from a corporate directory to access iDNA Applications information.

This article explains how to configure the integration with an Active Directory or Domino LDAP.

Note: The internal user accounts (e.g. Config) will remain active and valid in parallel to all the LDAP objects.

 

Active Directory

  • Click on Settings - LDAP Settings

  • LDAP Settings

Type: Select Active Directory

LDAP host: Enter the Directory URL + Port

Bind DN: Enter the canonical name of the bind user

Example: CN=_bindusername,OU=Functional,OU=Users,OU=acme,DC=acme,DC=local

IMPORTANT: The bind user must be able to read at least one of the following membership attributes: memberOf, isMember, member

Bind DN Password: Enter the password of the bind user account

User Search Base: Enter the Search Base where the User Objects are located

User Filter: For Active Directory please enter the following string:

(sAMAccountName={{username}})

Role Mapping (Administrators - Monitoring - Viewer)

Assign an AD group to a role.

Example: Office365Admins is an AD group with certain members (all of these members would gain Admin access to iDNA Applications)

IMPORTANT:

  • If a user is a member of both an Administrator group and a Viewer group, the user gets the higher permission → Administrator
  • If a user who is NOT a member of any assigned group tries to log in, the user will not be able to log in.

 

IBM Domino LDAP

  • LDAP Settings

Type: Select Domino

LDAP host: Enter the Directory URL + Port

Bind DN: Enter the canonical name of the bind user

Example: CN=_bindusername,OU=Functional,OU=Users,OU=acme,DC=acme,DC=local

IMPORTANT: The bind user must be able to read the attribute: dominoaccessgroups

Bind DN Password: Enter the password of the bind user account

User Search Base: Enter the Search Base where the user objects are located

User Filter: For Domino LDAP please enter the following string:

(cn={{username}})

Role Mapping (Administrators - Monitoring - Viewer)

Assign an AD group to a role.

Example: Office365Admins is an AD group with certain members (all of these members would gain Admin access to iDNA Applications)

IMPORTANT:

  • If a user is a member of both an Administrator group and a Viewer group, the user gets the higher permission → Administrator
  • If a user who is NOT a member of any assigned group tries to log in, the user will not be able to log in.
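
The following is an added example, not iDNA Applications code: it models how the two user filters above are filled in with a login name (escaped per RFC 4515) and how the role mapping rules resolve for a user's group list. The ranking Administrators > Monitoring > Viewer, the function names, and the sample groups other than Office365Admins are assumptions made for illustration.

```python
import re

# User filter templates exactly as given on this page.
FILTERS = {"Active Directory": "(sAMAccountName={{username}})",
           "Domino": "(cn={{username}})"}
# Assumption: roles rank in the order the page lists them, highest first.
ROLE_ORDER = ["Administrators", "Monitoring", "Viewer"]
# Characters RFC 4515 requires to be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def render_filter(directory_type, username):
    """Substitute the login name into the page's filter, escaped per RFC 4515."""
    safe = "".join(_ESCAPES.get(ch, ch) for ch in username)
    return FILTERS[directory_type].replace("{{username}}", safe)


def group_cn(value):
    """Lower-cased CN of a group DN, or the value itself if it is not a DN."""
    m = re.match(r"(?i)\s*cn=((?:\\.|[^,\\])+)", value)
    return (m.group(1) if m else value).strip().lower()


def resolve_role(group_values, role_mapping):
    """Highest mapped role among the user's groups; None means login is refused."""
    member_of = {group_cn(v) for v in group_values}
    for role in ROLE_ORDER:
        if any(g.lower() in member_of for g in role_mapping.get(role, [])):
            return role
    return None


# Constructed sample data: DNs and the Viewer/Sales groups are illustrative only.
MAPPING = {"Administrators": ["Office365Admins"], "Viewer": ["HelpdeskViewers"]}
ALICE = ["CN=Office365Admins,OU=Groups,DC=acme,DC=local",
         "CN=HelpdeskViewers,OU=Groups,DC=acme,DC=local"]
BOB = ["CN=Sales,OU=Groups,DC=acme,DC=local"]

if __name__ == "__main__":
    print(render_filter("Active Directory", "jdoe"))
    print(render_filter("Domino", "j.doe*(ops)"))  # metacharacters are escaped
    print(resolve_role(ALICE, MAPPING))  # member of admin and viewer groups
    print(resolve_role(BOB, MAPPING))    # member of no assigned group
```

The group values passed to `resolve_role` stand in for whatever the bind user can read from memberOf, isMember, member or dominoaccessgroups; if the bind user cannot read that attribute, the list is empty and every login resolves to no role.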