Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
ldap [2022_01_07 11:26] – [LDAP Integration] dan | ldap [2024_03_05 19:11] – [LDAP Integration] steven | ||
---|---|---|---|
Line 3: | Line 3: | ||
#### Last Updated January 7, 2022 | #### Last Updated January 7, 2022 | ||
- | The File Fabric | + | The Access Anywhere |
This document describes integration with LDAP. For SAML see [[: | This document describes integration with LDAP. For SAML see [[: | ||
- | |||
- | LDAP integration is supported for: | ||
- | |||
- | * Enterprise File Fabric | ||
- | * SaaS (US and EU) | ||
This document describes configuration via LDAP for: | This document describes configuration via LDAP for: | ||
Line 16: | Line 11: | ||
* Microsoft Active Directory | * Microsoft Active Directory | ||
* Azure AD Domain Services | * Azure AD Domain Services | ||
- | |||
<WRAP center round important 100%> | <WRAP center round important 100%> | ||
Line 37: | Line 31: | ||
* ADFS (Active Directory Federation Services) - see [[organisationcloud/ | * ADFS (Active Directory Federation Services) - see [[organisationcloud/ | ||
* Azure Active Directory - see [[organisationcloud/ | * Azure Active Directory - see [[organisationcloud/ | ||
- | * Active Directory without secure LDAP - see the [[: | + | * Active Directory without secure LDAP - see the [[: |
### Choose Auth System Type | ### Choose Auth System Type | ||
Line 61: | Line 55: | ||
``` | ``` | ||
- | In case EFF can not connect to the first AD, next one will be tried. | + | In case NAA can not connect to the first AD, next one will be tried. |
__LDAP Server Port__ - Can leave the default (port 389) if the Connection Encryption is none or TLS. Use port **636** for SSL. Or other port if you are using non-standard ports for your AD environment. | __LDAP Server Port__ - Can leave the default (port 389) if the Connection Encryption is none or TLS. Use port **636** for SSL. Or other port if you are using non-standard ports for your AD environment. | ||
Line 75: | Line 69: | ||
==== User Import Settings ==== | ==== User Import Settings ==== | ||
- | The next three boxes should be checked if you want the File Fabric | + | The next three boxes should be checked if you want Access Anywhere |
If you do not check these, you must import the Users and Roles you want to have access to the system. | If you do not check these, you must import the Users and Roles you want to have access to the system. | ||
Line 82: | Line 76: | ||
==== User Directory Settings ==== | ==== User Directory Settings ==== | ||
- | The next section will describe how your directory defines the users we will use in the File Fabric. | + | The next section will describe how your directory defines the users we will use in Access Anywhere. |
{{:: | {{:: | ||
Line 90: | Line 84: | ||
__Additional Custom User Object Classes__ - If you have additional classes which represent the users on your system, you can enter them here in a comma separated list. Standard AD installations will leave this blank. | __Additional Custom User Object Classes__ - If you have additional classes which represent the users on your system, you can enter them here in a comma separated list. Standard AD installations will leave this blank. | ||
- | __Login Field__ - This defines the attribute which SME will use for the SME Login attribute in the File Fabric. Standard AD installations should use either sAMAccountName or userPrincipalName | + | __Login Field__ - This defines the attribute which NAAwill |
- | __Use Customer User Login Field__ - If Checked then you can select a custom field for the SME Login. Standard AD installations will leave this blank. | + | __Use Customer User Login Field__ - If Checked then you can select a custom field for the NAALogin. Standard AD installations will leave this blank. |
- | __Unique User Attribute__ - This defines which field will be used as the unique user ID with the file fabric. Standard AD installations should use either sAMAccountName or userPrincipalName. | + | __Unique User Attribute__ - This defines which field will be used as the unique user ID with Access Anywhere. Standard AD installations should use either sAMAccountName or userPrincipalName. |
- | __User Name Field__ - This defines which field will be used for the SME User Name attribute. Standard AD installations should use displayName. | + | __User Name Field__ - This defines which field will be used for the NAAUser |
- | __Use Custom User Name Field__ - If Checked then you can select a custom field for the SME User Name. Standard AD installations will leave this blank. | + | __Use Custom User Name Field__ - If Checked then you can select a custom field for the NAAUser |
- | __Use Custom User Email Field__ - If Checked then you can select a custom field for the SME email. Standard AD installations will leave this blank. | + | __Use Custom User Email Field__ - If Checked then you can select a custom field for the NAAemail. Standard AD installations will leave this blank. |
==== Group Directory Settings ==== | ==== Group Directory Settings ==== | ||
- | The next section will describe how your directory defines the groups we will use for the roles within | + | The next section will describe how your directory defines the groups we will use for the roles within |
{{:: | {{:: | ||
- | __Group (Role) id Field__ - This will define which field to use in the directory to create the Roles within | + | __Group (Role) id Field__ - This will define which field to use in the directory to create the Roles within |
- | __Restrict import of users from the following groups__ - Enter any group DNs for groups within your directory which you want to limit which users can access | + | __Restrict import of users from the following groups__ - Enter any group DNs for groups within your directory which you want to limit which users can access |
__Group(Role) Object Class__ - This defines the object class the directory users for group objects. Standard AD installations will select group. | __Group(Role) Object Class__ - This defines the object class the directory users for group objects. Standard AD installations will select group. | ||
Line 116: | Line 110: | ||
__Custom Group (Role) Object Classes__ - Here you can add additional classes which represent groups in your Directory, in a comma separated list. Standard AD installations will leave this blank. | __Custom Group (Role) Object Classes__ - Here you can add additional classes which represent groups in your Directory, in a comma separated list. Standard AD installations will leave this blank. | ||
- | __Role Name Field__ - This defines which field will be used to set the Group name in the File Fabric. Standard AD installations will use cn. | + | __Role Name Field__ - This defines which field will be used to set the Group name in Access Anywhere. Standard AD installations will use cn. |
- | __Use Custom Role Name Field__ - If checked then you will be able set a custom field name to be used for the File Fabric | + | __Use Custom Role Name Field__ - If checked then you will be able set a custom field name to be used for Access Anywhere |
==== Auto-Config Provider (Optional) ==== | ==== Auto-Config Provider (Optional) ==== |