You can import user or group information from the LDAP database. These import sources match fields in your LDAP database to fields in your instance.

Ensure that the LDAP connection is established before importing.

Import data


To import data using LDAP, you need to configure an import source. To do so, complete the following steps:

  1. Navigate to Import → Import Sources.
  2. Click New and fill in the fields.
  3. Click Save or Save and exit to apply the changes.
  4. Click Load All Records to create a temporary Import Set record.
  5. Create a transform map and field maps.
  6. Run a transform.
  7. (optional) Schedule the LDAP import.

Import Source form fields

Field | Mandatory | Description
Name | Y | Specify a name of the import source.
Import set table name | Y

Specify the name of an import set table record. After saving the record, this name will be automatically transformed into the system name format with an application prefix and underscores instead of spaces. A new record will be automatically created in the Import Set (sys_import_set) table with this name when import is completed.

Example:

If the application prefix is app, and the specified name is My Test, then the system name of the Import Set (sys_import_set) table will be app_imp_my_test. The displayed name of the created table will be App imp my table.

See the Data Import article to learn more.

Type | N | The type of external data source. Select LDAP to import data from your LDAP source.
LDAP definition | N

Specify a preconfigured LDAP definition containing locations, people, and user groups you need.

See the LDAP Integration article to learn how to configure an LDAP.

Configure an LDAP setting


LDAP Setting form fields

Field | Mandatory | Description
Name | Y | Specify the LDAP setting name.
Active | N | Select this checkbox to activate the LDAP definition and to allow data import.
Relative Distinguished Name (RDN) | N | Enter the relative distinguished name (RDN) of the subdirectory to search through.
Server | Y

Specify the LDAP server that holds the users and groups directory and other LDAP-related information.

To configure the server, navigate to LDAP → LDAP Servers and perform the needed actions.

Table | Y

Select the target table that will store data from your LDAP server. For users, select the Users (user) table.

The target table specified is used for LDAP auto-provisioning (automatic creation of records). 

Filter | N

Enter a filter string to select specific records to import from the OU (organizational unit). 

For example, the filter below selects entries that:

  • are classified as a person
  • have an sn attribute value
  • are not computers
  • are not flagged as inactive
  • have a userPrincipalName that does not match *.admin@simpleone.ru

(&(objectClass=person)(sn=*)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(userPrincipalName=*.admin@simpleone.ru)))

For more information about the LDAP filter syntax, refer to the appropriate RFC documentation.

Query field | N

Specify the attribute name within the LDAP server for querying the records.

Active Directory mostly uses the sAMAccountName attribute. Other LDAP servers tend to use the cn attribute.

Note that the Query field is temporarily not working correctly – our team is working on improving its logic to make it more efficient and secure. We will inform you about changes in the next releases.

Attribute list | N

Use the field to specify (include and limit) the attributes the LDAP query returns. This approach is preferable for large LDAP imports in terms of timing.

If the field remains empty, the system loads all the objects with their attributes that your LDAP server is allowed to read.
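
To check what the example value of the Filter field selects before loading records, the following added example (not part of the original page or of the product) parses that filter and evaluates it against constructed directory entries. The entry data and all function names are assumptions, and only the filter constructs used in the example are supported.

```python
import re

BIT_AND = "1.2.840.113556.1.4.803"  # Active Directory bitwise-AND matching rule
FILTER = ("(&(objectClass=person)(sn=*)(!(objectClass=computer))"  # filter from the page
          "(!(userAccountControl:1.2.840.113556.1.4.803:=2))"
          "(!(userPrincipalName=*.admin@simpleone.ru)))")

def parse(s, i=0):
    """Parse the filter at s[i]; return (node, next index). Hex escapes are not decoded."""
    if s[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    if s[i + 1] in "&|!":
        op, kids, i = s[i + 1], [], i + 2
        while s[i] == "(":
            kid, i = parse(s, i)
            kids.append(kid)
        return (op, kids), i + 1  # step over the closing ')'
    end = s.index(")", i)
    attr, _, value = s[i + 1:end].partition("=")
    return ("item", attr, value), end + 1

def matches(node, entry):
    if node[0] != "item":
        r = [matches(kid, entry) for kid in node[1]]
        return {"&": all(r), "|": any(r), "!": not any(r)}[node[0]]
    name, _, rule = node[1].rstrip(":").partition(":")
    values = entry.get(name.lower(), [])
    if rule == BIT_AND:  # true when every bit of the mask is set in the value
        return any((int(v) & int(node[2])) == int(node[2]) for v in values)
    if rule:
        raise ValueError(f"unsupported matching rule {rule}")
    pattern = ".*".join(map(re.escape, node[2].split("*")))  # lone '*' = presence test
    return any(re.fullmatch(pattern, v, re.I | re.S) for v in values)

def make_entry(classes, sn, uac, upn):
    return {"objectclass": classes.split(), "sn": [sn] if sn else [],
            "useraccountcontrol": [uac], "userprincipalname": [upn]}

ENTRIES = {  # constructed sample entries (lower-cased attribute names), not real data
    "alice": make_entry("top person user", "Ivanova", "512", "alice@simpleone.ru"),
    "bob": make_entry("top person user", "Petrov", "514", "bob@simpleone.ru"),  # 512|2: disabled
    "ws01": make_entry("top person user computer", "WS01", "4096", "ws01@simpleone.ru"),
    "svc": make_entry("top person user", "", "512", "svc@simpleone.ru"),  # no sn value
    "j.admin": make_entry("top person user", "Sidorov", "512", "j.admin@simpleone.ru"),
    "admin": make_entry("top person user", "Root", "512", "admin@simpleone.ru"),  # no ".admin" suffix
}

def would_import(entries=ENTRIES, flt=FILTER):
    return [n for n, e in entries.items() if matches(parse(flt)[0], e)]
```

`would_import()` returns `['alice', 'admin']`: the last clause matches only userPrincipalName values ending in `.admin@simpleone.ru`, so an entry whose value is exactly `admin@simpleone.ru` still passes the filter.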
