Difference between revisions of "VALT 6 - LDAP Configuration"
IVSWikiBlue (talk | contribs) |
(9 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | __NOTOC__ | ||
{{Article | content = | {{Article | content = | ||
− | Follow this walkthrough or read through our documentation below. | + | {{Aside - Helpful | content = [https://app.storylane.io/share/4juavivv8rmx Follow this walkthrough] or read through our documentation below.}} |
− | {{Storylane - VALT | title = | + | |
+ | {{Storylane - VALT 6 - C | title = LDAP Configuration | link = https://app.storylane.io/share/4juavivv8rmx}} | ||
+ | |||
+ | {{hr}} | ||
==Navigating to LDAP Settings== | ==Navigating to LDAP Settings== | ||
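Review bot: On the new side the walkthrough URL https://app.storylane.io/share/4juavivv8rmx is hard-coded twice, once in the Aside - Helpful link and again in the link parameter of Storylane - VALT 6 - C, so the two can drift apart when the walkthrough is re-recorded. Suggest keeping the URL in one place, or checking both whenever it changes.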
Line 8: | Line 12: | ||
#Enter the subsection <b>Servers & Services</b>. | #Enter the subsection <b>Servers & Services</b>. | ||
#In the top right corner, select the <b>+</b> icon, and select <b>LDAP</b> from the drop down menu. | #In the top right corner, select the <b>+</b> icon, and select <b>LDAP</b> from the drop down menu. | ||
+ | |||
+ | {{hr}} | ||
==Connecting a new LDAP Server== | ==Connecting a new LDAP Server== | ||
− | #In the <b>Server</b> field, enter the address of your server in the following format: <br>{{Code Block - Mini | text = | + | #In the <b>Server</b> field, enter the address of your server in the following format: <br>{{Code Block - Mini | text = ldap://<span class="code_5"><server></span>.<span class="code_5"><yourdomain></span>}} |
− | {{Aside | | + | {{Aside | content = For LDAPS, simply append the S. If you are using a non-standard port for LDAPS, specify by appending <b>:<portnumber></b>}} |
− | #In the <b>LDAP Bind User</b> field, enter an account with read access in the following format: <br>{{Code Block - Mini | text = < | + | #In the <b>LDAP Bind User</b> field, enter an account with read access in the following format: <br>{{Code Block - Mini | text = <span class="code_5"><username></span>@<span class="code_5"><yourdomain></span>}} |
#In the <b>Password</b> field, enter the password that corresponds with the LDAP Bind User | #In the <b>Password</b> field, enter the password that corresponds with the LDAP Bind User | ||
{{Aside | content = Note that the Bind User Password cannot contain the following characters: <br><b>! * ' ( ) ; : @ & = + $ , / ? % # [ ]</b>}} | {{Aside | content = Note that the Bind User Password cannot contain the following characters: <br><b>! * ' ( ) ; : @ & = + $ , / ? % # [ ]</b>}} | ||
− | #In the <b>Base DN</b> field, enter the domain components in the following format: <br>{{Code Block - Mini | text = < | + | #In the <b>Base DN</b> field, enter the domain components in the following format: <br>{{Code Block - Mini | text = DC=<span class="code_5"><component></span>,DC=<span class="code_5"><component></span>}} |
#In the <b>Type</b> field, select the appropriate server type. This will typically be <b>Active Directory</b>. | #In the <b>Type</b> field, select the appropriate server type. This will typically be <b>Active Directory</b>. | ||
#In the <b>Deleted</b> field, select what you want to happen with deleted groups. | #In the <b>Deleted</b> field, select what you want to happen with deleted groups. | ||
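Review bot: The Server step on the new side still gives plain ldap:// as the format and mentions LDAPS only in the aside, while the following steps have the admin enter a bind user and password for that same connection. Suggest showing ldaps://<server>.<yourdomain> as the primary format, and rewording "simply append the S" to say that the scheme becomes ldaps:// and that the optional :<portnumber> goes after the host name.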
Line 22: | Line 28: | ||
#You will be returned to the Servers & Services page, where you see this message: | #You will be returned to the Servers & Services page, where you see this message: | ||
{{img | file = LDAP_Server_Status.png}} | {{img | file = LDAP_Server_Status.png}} | ||
− | + | ||
+ | {{hr}} | ||
+ | |||
==Importing Users from Active Directory== | ==Importing Users from Active Directory== | ||
#Navigate to <b>Users & Groups</b>. | #Navigate to <b>Users & Groups</b>. | ||
#In the top right corner, select the <b>Import</b> button, which will take you to the Import page. | #In the top right corner, select the <b>Import</b> button, which will take you to the Import page. | ||
− | + | ||
+ | {{hr - 2}} | ||
+ | |||
===Importing Individual Users=== | ===Importing Individual Users=== | ||
At the top of the Import page, you'll see the <b>LDAP Import</b> section. This area allows you to search for individual users and import them to specific groups | At the top of the Import page, you'll see the <b>LDAP Import</b> section. This area allows you to search for individual users and import them to specific groups | ||
Line 32: | Line 42: | ||
#Select the appropriate VALT group in the <b>Group to Add</b> drop down menu. | #Select the appropriate VALT group in the <b>Group to Add</b> drop down menu. | ||
#Click the <b>Import</b> button to add the user to the selected group. | #Click the <b>Import</b> button to add the user to the selected group. | ||
− | + | ||
+ | {{hr - 2}} | ||
+ | |||
===Importing User Groups=== | ===Importing User Groups=== | ||
At the bottom of the Import page, you'll see the <b>Sync schedules</b> section. This area allows you to import entire user groups from the Active Directory to their corresponding groups in VALT. | At the bottom of the Import page, you'll see the <b>Sync schedules</b> section. This area allows you to import entire user groups from the Active Directory to their corresponding groups in VALT. | ||
Line 39: | Line 51: | ||
#In the <b>User type</b> field, leave it as <b>Default</b>. | #In the <b>User type</b> field, leave it as <b>Default</b>. | ||
#In the <b>Container</b> field, select the appropriate container from the drop down. For most cases, this will be <b>Global</b>. | #In the <b>Container</b> field, select the appropriate container from the drop down. For most cases, this will be <b>Global</b>. | ||
− | #In the <b>Bind Script</b> field, fill out the script that corresponds to the AD Group you are importing in the following format without any of the Domain elements: <br>{{Code Block - Mini | text = < | + | #In the <b>Bind Script</b> field, fill out the script that corresponds to the AD Group you are importing in the following format without any of the Domain elements: <br>{{Code Block - Mini | text = CN=<span class="code_5"><Common_Name></span>,OU=<span class="code_5"><Group_Name></span>}} |
#In the <b>Group to Add</b> field, select the VALT group that you are importing the AD Group to. | #In the <b>Group to Add</b> field, select the VALT group that you are importing the AD Group to. | ||
#In the <b>Sync Type</b> field, select whether you want the sync to occur automatically or on a manual basis only. | #In the <b>Sync Type</b> field, select whether you want the sync to occur automatically or on a manual basis only. | ||
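Review bot: In the new Bind Script format the placeholder after OU= is named <Group_Name>, but OU is the organizational unit that contains the group and CN is the group's own common name, so a reader is likely to put the group name in the wrong component. Suggest CN=<Group_Name>,OU=<Organizational_Unit>, plus one filled-in example showing which parts "without any of the Domain elements" leaves out.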
Line 45: | Line 57: | ||
#Click the <b>Save</b> button at the top of the Sync schedules section to save the changes. | #Click the <b>Save</b> button at the top of the Sync schedules section to save the changes. | ||
#To manually run the Sync schedule, open the schedule back up and click the <b>Import</b> button. You should see a message indicating the changes that have occurred: {{img | file = LDAP_Sync_Message.png}} | #To manually run the Sync schedule, open the schedule back up and click the <b>Import</b> button. You should see a message indicating the changes that have occurred: {{img | file = LDAP_Sync_Message.png}} | ||
− | |||
}} | }} |
Latest revision as of 08:03, 7 November 2024
🕮Follow this walkthrough or read through our documentation below.
Navigating to LDAP Settings
- Navigate to the Settings section within VALT.
- Enter the subsection Servers & Services.
- In the top right corner, select the + icon, and select LDAP from the drop down menu.
Connecting a new LDAP Server
- In the Server field, enter the address of your server in the following format:
ldap://<server>.<yourdomain>
✎For LDAPS, use ldaps:// in place of ldap://. If you are using a non-standard port for LDAPS, specify it by appending :<portnumber> to the address.
- In the LDAP Bind User field, enter an account with read access in the following format:
<username>@<yourdomain>
- In the Password field, enter the password that corresponds with the LDAP Bind User.
✎Note that the Bind User Password cannot contain the following characters:
! * ' ( ) ; : @ & = + $ , / ? % # [ ]
- In the Base DN field, enter the domain components in the following format:
DC=<component>,DC=<component>
- In the Type field, select the appropriate server type. This will typically be Active Directory.
- In the Deleted field, select what you want to happen with deleted groups.
- Add any Custom Attributes by selecting the + icon, selecting the applicable attribute from the drop down menu, and filling out the corresponding attribute from your Active Directory.
- Hit the Save button at the top of your screen to save your changes.
- You will be returned to the Servers & Services page, where you see this message:
[Image: LDAP_Server_Status.png]
Importing Users from Active Directory
- Navigate to Users & Groups.
- In the top right corner, select the Import button, which will take you to the Import page.
Importing Individual Users
At the top of the Import page, you'll see the LDAP Import section. This area allows you to search for individual users and import them to specific groups.
- In the Find user field, type in the search parameters. You will see a list of matches appear in a drop down. Select the User you wish to import from the list.
- Select the appropriate VALT group in the Group to Add drop down menu.
- Click the Import button to add the user to the selected group.
Importing User Groups
At the bottom of the Import page, you'll see the Sync schedules section. This area allows you to import entire user groups from the Active Directory to their corresponding groups in VALT.
- To create a Sync schedule, click the + button.
- In the Name field, enter the Name of the Sync schedule. Typically, you'll want to name this the same as the group name in VALT.
- In the User type field, leave it as Default.
- In the Container field, select the appropriate container from the drop down. For most cases, this will be Global.
- In the Bind Script field, fill out the script that corresponds to the AD Group you are importing in the following format without any of the Domain elements:
CN=<Common_Name>,OU=<Group_Name>
- In the Group to Add field, select the VALT group that you are importing the AD Group to.
- In the Sync Type field, select whether you want the sync to occur automatically or on a manual basis only.
- In the Additional Groups field, add any secondary VALT groups you want this AD group to be a part of from the drop down.
- Click the Save button at the top of the Sync schedules section to save the changes.
- To manually run the Sync schedule, open the schedule back up and click the Import button. You should see a message indicating the changes that have occurred:
[Image: LDAP_Sync_Message.png]
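
The field formats from "Connecting a new LDAP Server" and the Bind Script step above can be checked before they are typed into VALT. The script below is an added example, not part of the VALT documentation or product; the function names, the sample host, account and group, and the note about ldap:// lacking TLS are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Characters the page lists as not allowed in the Bind User Password.
FORBIDDEN_PW = set("!*'();:@&=+$,/?%#[]")

def base_dn_for(domain):
    """example.edu -> DC=example,DC=edu (the page's Base DN format)."""
    return ",".join("DC=" + label for label in domain.split("."))

def bind_script_for(group_dn):
    """Strip the DC= components from a group's full DN, leaving the
    CN=...,OU=... part the Bind Script field expects.
    Assumes no escaped commas inside the RDN values."""
    rdns = [r.strip() for r in group_dn.split(",")]
    return ",".join(r for r in rdns if not r.upper().startswith("DC="))

def check_settings(server, bind_user, password, base_dn):
    """Return a list of problems with the form values; empty means none found."""
    problems = []
    url = urlsplit(server)
    host = url.hostname or ""
    if url.scheme not in ("ldap", "ldaps") or "." not in host:
        problems.append("Server must look like ldap://<server>.<yourdomain>")
    elif url.scheme == "ldap":
        problems.append("ldap:// has no TLS of its own; prefer the ldaps:// form")
    user, _, domain = bind_user.partition("@")
    if not user or not domain:
        problems.append("Bind user must be <username>@<yourdomain>")
    rdns = [r.strip().upper() for r in base_dn.split(",")]
    if not all(r.startswith("DC=") and len(r) > 3 for r in rdns):
        problems.append("Base DN must be DC=<component>,DC=<component>")
    bad = sorted(set(password) & FORBIDDEN_PW)
    if bad:
        problems.append("Password contains disallowed characters: " + " ".join(bad))
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    print(base_dn_for("example.edu"))
    print(bind_script_for("CN=Nursing Students,OU=VALT Groups,DC=example,DC=edu"))
    for p in check_settings("ldap://dc01.example.edu", "svc_valt",
                            "p@ss!", "OU=Staff,DC=example"):
        print("-", p)
```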