Difference between revisions of "LDAP Configuration"

From IVS Wiki
(Importing an Individual User)
(Syncing Security Groups)
Line 47: Line 47:
 
#:[[File:Finding_Sync_Schedules_Box.png|1050px]]
 
#:[[File:Finding_Sync_Schedules_Box.png|1050px]]
 
#Once here, start entering in the following information:
 
#Once here, start entering in the following information:
#:<table><tr><th rowspan="7">[[File:Adding_LDAP_Sync_Schedules.png]]</th></tr><tr><td style="padding: 0 10px">'''A:'''</td><td style="padding: 0 10px">Enter in a name for the Security Group <br><span class="indent"> '''Note:''' ''Try to keep these similar to the VALT groups you have created</span></td></tr><tr><td style="padding: 0 10px">'''B:'''</td><td style="padding: 0 10px">Enter in the DN for the Security Group, omitting the DC components <br><span class="indent">'''Example:''' ''CN=Service Accounts,OU=Users,OU=Install''</span></td></tr><tr><td style="padding: 0 10px">'''C:'''</td><td style="padding: 0 10px">Select the '''VALT Group''' to have the users added to <br><span class="indent"> '''<font color="red">Note:''' '''The VALT groups need to be created before you can link the Security Groups to them</font>'''</span></td></tr><tr><td style="padding: 0 10px">'''D:'''</td><td style="padding: 0 10px">Choose either '''Manual''' or '''Automatic''' Sync Type <br><span class="indent">'''Note:''' ''Automatic syncs users every day at 7AM server time whereas Manual requires an Admin account to manually sync the users''''</span></td></tr><tr><td style="padding: 0 10px">'''E:'''</td><td style="padding: 0 10px">Select any '''Additional Groups''' you would like the users added to</td></tr><tr><td style="padding: 0 10px">'''F:'''</td><td style="padding: 0 10px">Click '''Save'''</td></tr></table>
+
#:<table><tr><th rowspan="7">[[File:Adding_LDAP_Sync_Schedules.png]]</th></tr><tr><td style="padding: 0 10px;vertical-align: top">'''A:'''</td><td style="padding: 0 10px;vertical-align: top">Enter in a name for the Security Group <br><span class="indent"> '''Note:''' ''Try to keep these similar to the VALT groups you have created</span></td></tr><tr><td style="padding: 0 10px;vertical-align: top">'''B:'''</td><td style="padding: 0 10px;vertical-align: top">Enter in the DN for the Security Group, omitting the DC components <br><span class="indent">'''Example:''' ''CN=Service Accounts,OU=Users,OU=Install''</span></td></tr><tr><td style="padding: 0 10px;vertical-align: top">'''C:'''</td><td style="padding: 0 10px;vertical-align: top">Select the '''VALT Group''' to have the users added to <br><span class="indent"> '''<font color="red">Note:''' '''The VALT groups need to be created before you can link the Security Groups to them</font>'''</span></td></tr><tr><td style="padding: 0 10px;vertical-align: top">'''D:'''</td><td style="padding: 0 10px;vertical-align: top">Choose either '''Manual''' or '''Automatic''' Sync Type <br><span class="indent">'''Note:''' ''Automatic syncs users every day at 7AM server time whereas Manual requires an Admin account to manually sync the users''''</span></td></tr><tr><td style="padding: 0 10px;vertical-align: top">'''E:'''</td><td style="padding: 0 10px;vertical-align: top">Select any '''Additional Groups''' you would like the users added to</td></tr><tr><td style="padding: 0 10px;vertical-align: top">'''F:'''</td><td style="padding: 0 10px">Click '''Save'''</td></tr></table>
 
#Test that the user import worked:
 
#Test that the user import worked:
 
:<span class="indent">A. Click on the '''Group'''</span>
 
:<span class="indent">A. Click on the '''Group'''</span>
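Review bot: in the new line, the final cell of row F (`<td style="padding: 0 10px">Click '''Save'''</td>`) is the only one that did not get `vertical-align: top`; add it so that row aligns like A through E. While this line is being touched, the note in row A opens `''` italics without closing them and the note in row D ends in `''''`, which leaves a stray apostrophe in the rendered text; both are worth fixing in the same edit.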

Revision as of 09:32, 16 June 2022

Connecting to the LDAP Server

  1. Navigate to the VALT software either through the IP Address or the FQDN using Chrome, Firefox, or other standard web browser
  2. Log in using your login credentials
    Note: (Default credentials: Username = admin | Password = admin)
  3. Click on Admin -> Users & Groups -> LDAP -> Show Advanced Settings
    LDAP1.png
  4. Scroll down to Servers
    LDAP Server Box.png
  5. Enter your LDAP Server information:
    Updated LDAP Server Config.png
    A: Enter the IP Address or FQDN of your Active Directory or other LDAP-compatible server in the Server field
    Note: If you are using LDAPS, enter the IP or FQDN as ldaps://myldapsserver.com
    B: Enter a Service Account user with read access in the LDAP Bind User field
    Note: The user must be entered as user@domain.com
    C: Enter the Service Account password
    D: Enter the Base DN of the Service Account
    Note: Base DN must be entered in the form of DC=ad,DC=ipivs,DC=com
    E: Select either Active Directory or Open LDAP
    F: Click Save


    • If the credentials were accepted and a connection was established, you will receive a message stating connected and you will see your LDAP Server in Green:
      LDAP2.png


    • If the connection fails, you will receive an error message stating Wrong Credentials:
      LDAP3.png

Syncing Security Groups

    1. To sync user accounts, navigate to Sync Schedules
      Finding Sync Schedules Box.png
    2. Once here, enter the following information:
      Adding LDAP Sync Schedules.png
      A: Enter a name for the Security Group
      Note: Try to keep these similar to the VALT groups you have created
      B: Enter the DN for the Security Group, omitting the DC components
      Example: CN=Service Accounts,OU=Users,OU=Install
      C: Select the VALT Group to have the users added to
      Note: The VALT groups need to be created before you can link the Security Groups to them
      D: Choose either Manual or Automatic Sync Type
      Note: Automatic syncs users every day at 7AM server time, whereas Manual requires an Admin account to manually sync the users
      E: Select any Additional Groups you would like the users added to
      F: Click Save
    3. Test that the user import worked:
      A. Click on the Group
      B. Click Import
      Testing Sync Schedule Import.png


    • If the import was successful, and there are users assigned to Security Groups, you will see this message:
    Import Results.png


    • If the import failed, and there are users assigned to Security Groups, you will see this message:
    Failed Import Results.png


    Note: If the import failed, and you have users assigned to a group, most likely either your Bind Script in the Sync Schedule block or the Base DN/LDAP Bind User in the Server block are entered incorrectly
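
A pre-flight check for the values this page has you type into the Servers and Sync Schedules forms, as an added example (not VALT code). The function names are hypothetical, and it assumes the group is looked up at the Security Group DN followed by the Base DN, which is why the DC components are omitted from the former.

```python
import re

# One DN component such as "CN=Service Accounts" (escaped commas are not handled).
_RDN = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*([^,=]+?)\s*$")
_UPN = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def parse_dn(dn):
    """Split a DN into (ATTRIBUTE, value) pairs; raise ValueError if malformed."""
    pairs = []
    for part in dn.split(","):
        m = _RDN.match(part)
        if not m:
            raise ValueError(f"malformed component {part!r}")
        pairs.append((m.group(1).upper(), m.group(2)))
    return pairs


def check_ldap_settings(server, bind_user, base_dn, group_dn):
    """Return (problems, full_group_dn); the DN is None unless every check passes."""
    problems, base, group = [], [], []
    if not server.lower().startswith("ldaps://"):
        problems.append("server: not an ldaps:// URL, so LDAPS is not requested")
    if not _UPN.match(bind_user):
        problems.append("bind user: expected the user@domain.com form")
    try:
        base = parse_dn(base_dn)
        if any(attr != "DC" for attr, _ in base):
            problems.append("base DN: expected only DC components")
    except ValueError as exc:
        problems.append(f"base DN: {exc}")
    try:
        group = parse_dn(group_dn)
        if any(attr == "DC" for attr, _ in group):
            problems.append("group DN: DC components must be omitted")
    except ValueError as exc:
        problems.append(f"group DN: {exc}")
    # Assumption: the group is looked up at <Security Group DN>,<Base DN>.
    full = None if problems else ",".join(f"{a}={v}" for a, v in group + base)
    return problems, full


if __name__ == "__main__":
    # Values taken from the examples on this page.
    print(check_ldap_settings("ldaps://myldapsserver.com", "user@domain.com",
                              "DC=ad,DC=ipivs,DC=com",
                              "CN=Service Accounts,OU=Users,OU=Install"))
```
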

Importing an Individual User

    1. Navigate to the User Import section:
      LDAP5.png
    2. Enter the information:
      Full User Import .png
      A: Enter the name of a user
      B: A list of all users matching your search entry will appear
      C: The full DN of the user you select will appear here
      D: Select the Group you want to add the user to
      E: Select any Additional Groups you would like the user added to
      F: Click Import
    3. You will see a confirmation message that the user has been imported, and you can verify that the user was assigned to the group:
      User Import Finalization.png