LDAP Synchronization

Checklist for Customer Configuration

This checklist contains the main subjects that need to be clarified in advance of a LDAP connection:

  • Which LDAP providers will be used and what is their URL (including port and base domain for user selection)?
  • For the LDAP-queries of Stages a username and a password is needed. What is the respective User DN (e.g. cn=LDAP Testuser, cn=Users, dc=adtest, dc=methodpark, dc=de) and the password?
  • Which LDAP-users will be synchronized with Stages (e.g. user of a certain group)?
  • Which interval should be used for synchronizing Stages with the LDAP provider (e.g. every 120 minutes)?
  • Does the LDAP-user have an attribute (e.g. “sAMAccountName“) so that its value can be used as a username in Stages?
  • Does the LDAP-user have an attribute (e.g. “cn“) so that its value can be used as the complete name (first and surname) in Stages?
  • Does the LDAP-user have an attribute (e.g. “mail“) so that its value can be used as an email-address in Stages?
  • Which attribute can be used as a unique identifier between a Stages and a LDAP-user (e.g. email-address?)
  • If a LDAP-user is newly created in Stages during the synchronization, should he get the default role in Stages?
  • Should it be possible to change a Stages user account via LDAP, if a respective LDAP-user can be assigned (e.g. role assignments stay valid)?
  • Should users be deleted in Stages, if they are no longer result of the LDAP-query? If so, which maximum percentage rate of all users is allowed to be deleted after one synchronization?