Creating an LDAP Profile

An LDAP Profile is a configuration mechanism that is accessed by navigating to Control Panel - Enterprise Tools - LDAP Import.  From this screen administrators can import and authenticate users with an LDAP source.

LDAP Profile Setup

To setup an LDAP Profile complete the following steps:

  1. Login as a user with VaultAccess rights to VisualVault.

  2. Navigate to Control Panel - Enterprise Tools - LDAP Profiles.

  3. Select New LDAP Profile.

  4. Select the Server Type.

  5. Key in the Profile name.

  6. Key in the LDAP or Active Directory Domain.

  7. Key in the Domain Naming Context. i.e. dc=acme,dc=com.

  8. Key in the User ID that has admin access to LDAP. i.e. acme\administrator.

  9. Key in the Password of the user keyed in for step 9.

  10. Save the profile.

  11. Select Test Import at the top to insure that the profile connects to LDAP.

LDAP Profile ID Card

The following is a list of fields contained on the LDAP Profile ID Card:

  • Server Type - Configures the profile with various predetermined profile configurations. Options include:

    • Active Directory
    • ADAM (Active Directory Application Mode)
    • AD LDS (Active Directory Lightweight Directory Services)
    • Novell eDirectory
    • Other - Used for generic LDAP integration.
  • LDAP Profile Name - Name of the profile.

  • Description - Description of the profile.

  • Server - LDAP Server (can use a FQDN, domain name or IP Address.)

  • Domain Naming Context - full LDAP path. ( i.e. dc=acme,dc=com)

  • Use SSL - Configures the LDAP profile to connect to LDAP using SSL.

  • User Principal Name or Domain\User ID - User Id that is used to interface with LDAP. Under most circumstances an account that can read LDAP and facilitate authentication is required.

  • Password - Password for the user account used to connect to the LDAP server.

  • LDAP Search Filter - LDAP search filter to limit the kinds of records that will be available for import.

  • Search result page size - Configure the number or results that can be returned from the LDAP server.

  • LDAP Attribute names - Configures which LDAP attributes are mapped to the user attributes in VisualVault.

  • Import user's groups - Configure the profile to import the groups from LDAP.

  • Create Groups only in user's default database - If the user is in multiple VisualVault databases, the groups are only created in the default VisualVault database.

  • Allow user to change password - Allows a user to change their LDAP password.

  • All users to reset password - Allow the user to reset their password through the forgotten password process.

  • Enable scheduled synchronization - Enable synchronization to occur on a scheduled basis.

  • Import new users - Configure the LDAP import to automatically import new users.

  • Occurs every - Configure how often the scheduled synchronization occurs.

  • Start Date - Configure the start date for when the imports begin to occur.

The following are buttons included at the top of the Server Details Tab:

  • Save - Save the configuration.

  • Test Import - Test the connectivity of the LDAP profile to the LDAP server.

  • Force Synchronization - Force a synchronization with the LDAP server to occur.

Import Users Tab

This tab shows the list of users from the LDAP source that can be imported. Select the Get LDAP Users button to get the list of users from LDAP. Once you have a list of users, check the check box to the left of the user accounts you want to import. Select Import Selected to import any user that has been checked.

Import Log Tab

The Import Log shows a status information and logs as items are synchronized with VisualVault.