Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
72:ldap_ex_config [2018/07/16 15:44] – [Example Configurations] bkkr72:ldap_ex_config [2018/10/25 17:54] emr
Line 6: Line 6:
  
 <code> <code>
-<ldap refreshIntervalMinutes="120" maximumDeletionPercentage="0">+<ldap refreshIntervalMinutes="120" maximumDeletionPercentage="5">
  <ldap-provider  <ldap-provider
  url=ldap://server.example.com:389/dc=domain,dc=example,dc=com  url=ldap://server.example.com:389/dc=domain,dc=example,dc=com
Line 42: Line 42:
 //Example// //Example//
 <code> <code>
-<ldap refreshIntervalMinutes="1440" maximumDeletionPercentage="0">+<ldap refreshIntervalMinutes="1440" maximumDeletionPercentage="5">
 <ldap-provider url="ldap://ldap.abc:389/dc=xyzgroup,dc=com" <ldap-provider url="ldap://ldap.abc:389/dc=xyzgroup,dc=com"
 ident="ldap_XY_intern" ident="ldap_XY_intern"
Line 128: Line 128:
 //Example for "ondemand" synchronization// //Example for "ondemand" synchronization//
 <code> <code>
-<ldap synchronize="ondemand" synchronizeCronExpression="*/10 * * * +    <!-- Configuration for LDAP with Ondemand Account Creation. 
-?" maximumDeletionPercentage="90"> +         This config works with an MS Active Directory server. 
- <ldap-provider +         For other servers, the attribute names might need to be changed. --> 
- url="ldap://abc.def:389/dc=abc,dc=def+          <!-- Synchronize every Saturday 03:30AM --> 
- ident="abc+    <ldap synchronizeCronExpression="30 3 * SAT" maximumDeletionPercentage="5" 
- key="fullname+          synchronize="ondemand" synchronizeOnStartup="false"> 
- defaultRoles="true" +        <ldap-provider 
- pageSize="0+                    url="ldap://LDAPSERVER.com:389/dc=CUSTOMER,dc=com
- generateDn="true+                    ident="LDAP Primary Ondemand Server
- searchFilter="" +                    key="authenticationUsername
- ondemandFilter="(sAMAccountName=%)" +                    defaultRoles="true" 
- recursiveSearch="true" +                    defaultRolesUsername="default
- adoptUsers="true"> +                    defaultLicenseType="FloatingDev
- <ldap-authentication +                    pageSize="500
- type="simple" +                    generateDn="false" 
- principal="%"+                    ondemandFilter="(&amp;(sAMAccountName=%)(objectClass=user))" 
- </ldap-authentication+                    recursiveSearch="true"> 
- <ldap-attribute name="username" id="sAMAccountName"/> +                    <ldap-authentication type="simple" principal="%"/> 
- <ldap-attribute name="fullname" id="cn"/> + 
- <ldap-attribute name="email" id="mail"/> +                    <ldap-attribute name="username" id="sAMAccountName"/> 
- <ldap-attribute name="_id" id="mail"/> +                    <ldap-attribute name="fullname" id="displayName"/> 
- </ldap-provider> +                    <ldap-attribute name="email" id="mail"/> 
-</ldap>+                    <ldap-attribute name="authenticationUsername" id="distinguishedName"/> 
 + 
 +                    <ldap-query-user name="cn=LDAP Account,ou=Users,dc=CUSTOMER,dc=com" credentials="PASSWORD" /> 
 +            </ldap-provider> 
 +    </ldap>
 </code> </code>