Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
72:ldap_ex_config [2018/07/16 15:44] – [Example Configurations] bkkr72:ldap_ex_config [2019/11/15 11:13] – [Example Configurations] etea
Line 6: Line 6:
  
 <code> <code>
-<ldap refreshIntervalMinutes="120" maximumDeletionPercentage="0">+<ldap refreshIntervalMinutes="60" maximumDeletionPercentage="50"> 
 +<ldap refreshIntervalMinutes="120" maximumDeletionPercentage="5">
  <ldap-provider  <ldap-provider
  url=ldap://server.example.com:389/dc=domain,dc=example,dc=com  url=ldap://server.example.com:389/dc=domain,dc=example,dc=com
Line 42: Line 43:
 //Example// //Example//
 <code> <code>
-<ldap refreshIntervalMinutes="1440" maximumDeletionPercentage="0">+<ldap refreshIntervalMinutes="1440" maximumDeletionPercentage="5">
 <ldap-provider url="ldap://ldap.abc:389/dc=xyzgroup,dc=com" <ldap-provider url="ldap://ldap.abc:389/dc=xyzgroup,dc=com"
 ident="ldap_XY_intern" ident="ldap_XY_intern"
Line 128: Line 129:
 //Example for "ondemand" synchronization// //Example for "ondemand" synchronization//
 <code> <code>
-<ldap synchronize="ondemand" synchronizeCronExpression="*/10 * * * +    <!-- Configuration for LDAP with Ondemand Account Creation. 
-?" maximumDeletionPercentage="90"> +         This config works with an MS Active Directory server. 
- <ldap-provider +         For other servers, the attribute names might need to be changed. --> 
- url="ldap://abc.def:389/dc=abc,dc=def+          <!-- Synchronize every Saturday 03:30AM --> 
- ident="abc+    <ldap synchronizeCronExpression="30 3 * SAT" maximumDeletionPercentage="5" 
- key="fullname+          synchronize="ondemand" synchronizeOnStartup="false"> 
- defaultRoles="true" +        <ldap-provider 
- pageSize="0+                    url="ldap://LDAPSERVER.com:389/dc=CUSTOMER,dc=com
- generateDn="true+                    ident="LDAP Primary Ondemand Server
- searchFilter="" +                    key="authenticationUsername
- ondemandFilter="(sAMAccountName=%)" +                    defaultRoles="true" 
- recursiveSearch="true" +                    defaultRolesUsername="default
- adoptUsers="true"> +                    defaultLicenseType="FloatingDev
- <ldap-authentication +                    pageSize="500
- type="simple" +                    generateDn="false" 
- principal="%"+                    ondemandFilter="(&amp;(sAMAccountName=%)(objectClass=user))" 
- </ldap-authentication+                    recursiveSearch="true"> 
- <ldap-attribute name="username" id="sAMAccountName"/> +                    <ldap-authentication type="simple" principal="%"/> 
- <ldap-attribute name="fullname" id="cn"/> + 
- <ldap-attribute name="email" id="mail"/> +                    <ldap-attribute name="username" id="sAMAccountName"/> 
- <ldap-attribute name="_id" id="mail"/> +                    <ldap-attribute name="fullname" id="displayName"/> 
- </ldap-provider> +                    <ldap-attribute name="email" id="mail"/> 
-</ldap>+                    <ldap-attribute name="authenticationUsername" id="distinguishedName"/> 
 + 
 +                    <ldap-query-user name="cn=LDAP Account,ou=Users,dc=CUSTOMER,dc=com" credentials="PASSWORD" /> 
 +            </ldap-provider> 
 +    </ldap>
 </code> </code>