LDAP definition form fields | Field | Description |
|---|
| Name | Specify the definition name. The name you enter here becomes a target in the Import Sources record. | | Active | Select this checkbox to activate the LDAP definition and to allow importing data. | | RDN | Enter the relative distinguished name (RDN) of the subdirectory to search through. | | Server | Specify the LDAP server containing the users and groups directory and other information related to LDAP. This server must be preliminarily configured in System LDAP → LDAP Servers. | | Table | Select the target table that perceives the data from your LDAP server. For users, select the Users (sys_user) table |
, and for groups, select the Group (sys_group) table. The target table specifying is used for LDAP auto-provisioning (automatic creation of users in the Users (sys_user) table). This feature can be enabled or disabled by setting the proper value for the user.ldap_autoprovision property (for more information about this property, please refer to the Available System Properties article). | | Filter | Enter a filter string to select specific records to import from the OU (organizational unit). For example, this filter specifies the excerpt, as shown below: - Classified as a person,
- Have an sn attribute value,
- Are not computers,
- Are not flagged as inactive,
- And login prerequisites are not equal to 'admin@simpleone.ru'.
(&(objectClass=person)(sn=*)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(userPrincipalName=*.admin@simpleone.ru)))
For more information about LDAP filter syntax, please refer to appropriate RFC. | | Query field | Specify the attribute name within the LDAP server for querying the records. ActiveDirectory, mostly, uses the sAMAccountName attribute. Other LDAP servers tend to use the cn attribute. |
|