Downloads

Versions Compared

Old Version 1

changes.mady.by.user lukas thoma

Saved on

compared with

New Version Current

changes.mady.by.user lukas thoma

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

One can integrate an LDAP directory with OfficeExpert in order to allow users from a corporate directory to access OfficeExpert informationIn addition to the internal user management, existing corporate LDAP directories can be integrated in iDNA Applications.

This article explains how to configure the integration with an Active Directory or and Domino LDAP.Note: The internal

Note

Please note that the default iDNA Applications user accounts (e.g. Config)

...

remain active and are valid

...

parallel to all

...

LDAP objects.

 

Active Directory

  • Click on Settings - LDAP Settings

Image RemovedImage Added

  • LDAP Settings

Image RemovedImage Added

Type: Select Active Directory

URLLDAP security: Select unsecure (ldap://) or secure (ldaps://), depending on your environment

LDAP host: Enter the Directory URL + Portdirectory URL

LDAP port: Type in the server port

Bind DN: Enter the canonical name of the bind user

...

IMPORTANT:  The  binduser has to see at least one of the following member attributes:  memberOf, isMember, member

Bind CredentialsDN Password: Enter the credentials password of the bind user account

User Search Base: Enter the Search Base where the User Objects are located

Search User Filter: For Active Directory please enter the following string:

(sAMAccountName={{username}})

Role Mapping (Administrators - Monitoring- Viewer)

Assign a an AD Group to certain the respective role

Example:  Office365Admins is an AD group with certain members (all these members would gain Admin Access to OfficeExpertadministrator access to iDNA Applications)

IMPORTANT:

      • If a user is member of an Administrator group and Viewer group, then the User gets the higher permission → Administrator
      • If a user which is NOT member of any assigned group, tries to login, the user will not be able to login.

 

...


Domino LDAP

  • LDAP Settings

Image RemovedImage Added

Type: Select Domino

URLLDAP security: Select unsecure (ldap://) or secure (ldaps://), depending on your environment

LDAP host: Enter the Directory URL + Portdirectory URL

LDAP port: Type in the server port

Bind DN: Enter the canonical name of the bind user

...

IMPORTANT:  The  bind user has to see the attribute:  dominoaccessgroups

Bind CredentialsDN Password: Enter the credentials password of the bind user account

User Search Base: Enter the Search Base where the user objects are located

Search User Filter: for Domino LDAP please enter the following string:

(cn={{username}})

Role Mapping (Administrators - Monitoring- Viewer)

Assign a AD Domino group to certain the respective role

Example:  Office365Admins DominoAdmins is an AD a Domino group with certain members (all these members would gain Admin administrator access to OfficeExpertiDNA Applications)

IMPORTANT:

      • If a user is member of an Administrator group and Viewer group, then the user User gets the higher permission → Administrator
      • If a user which is NOT member of any assigned group, tries to login, the user will not be able to login.