Obtaining the LDAP Search string (Distinguished Name)?


How to Configure LDAP Sync with the Altium Vault

Old Content - see latest equivalent

Modified by Jason Howie on 31-May-2017

An LDAP Sync allows the administrator of an Altium Vault to leverage the network domain's existing username and password credentials, so that user credentials do not have to be created manually one at a time on the USERS page of the vault's browser-based interface. When set up correctly, the USERS page will automatically populate with user credentials, enabling any user listed to sign into the Altium Vault using their regular corporate network username and password.

This article details a proven approach that has been successfully used in setting up an LDAP Sync on a domain. Try this approach when setting up an LDAP Sync on your own domain.

What do I need?

- Standard LDAP - Altium Vault 2.5 or later.
- LDAPS (LDAP over SSL) - Altium Vault 2.6 or later.
  Note that LDAP Sync, while available in Altium Vault 2.1, is known to have issues.
- Administrative access to the Altium Vault.
- Optionally, an extremely helpful utility is an application called LDAP Admin (download LdapAdminExe-<version>.zip from http://www.ldapadmin.org/). LDAP Admin can be used to identify the exact User Group query strings and syntax required to configure the Altium Vault LDAP setup page.

Obtaining the LDAP Search string (Distinguished Name)?

When configuring an LDAP Sync task through the Altium Vault's browser-based interface, you need to supply the LDAP Distinguished Name (DN). This is entered in string format, and identifies the base object of the LDAP search. To get this string, we're going to use the LDAP Admin utility, so first ensure the zip file is downloaded, and extract the LdapAdmin executable from it.

Download and extract the LdapAdmin.exe file.

Run the LdapAdmin.exe executable as Administrator (just right-click on it and select Run as administrator).

When the LDAP Admin panel opens, choose Start » Connect to access the Connections dialog, then double-click New connection to access the Connection properties dialog.

[Figure: Creating a new connection within the LDAP Admin utility.]

On the General tab of the Connection properties dialog, configure the connection information in relation to your domain, an example of which might be:

- Connection name: just any arbitrary name to be used for the connection icon.
- Host: testsite.com
- Port: 389
  If you are configuring for LDAPS (LDAP over SSL), then the port needs to be 636.
- Base: DC=testsite, DC=com
- Enable the GSS-API option.
  If you are configuring for LDAPS (LDAP over SSL), then you also need to enable the SSL option.
- Account: just leave the Use current user credentials option enabled.

[Figure: An example configured connection, when using standard LDAP. If using LDAPS (LDAP over SSL), change the Port to 636, and enable the SSL option.]

With the connection properties configured, press the Test connection button. If all is set correctly, you should see the Connection is successful message. Click OK to finish creating the new connection.

You now need to identify the string that targets the base object of the LDAP search. To do this:

1. Select your newly-created connection and click OK in the Connections dialog - your network domain and user group hierarchy will be presented.
2. Expand the relevant folder path until you get to the folder containing the required users.
3. Right-click on this folder and choose the Search command from the context menu. This will open the Search panel. The key piece of information you are after is the string already populated in the Path field. Reading from left-to-right, this string represents the path to this folder of users from the bottom-up, within the domain structure. For our example, this string is: OU=Engineers,OU=Users,DC=testsite,DC=com.
4. Copy and paste this string to a text file for subsequent use in the configuration process, or optionally just leave the Search panel accessible.

At this point, the LDAP Admin utility is no longer required for any further steps.

Configuring an Altium Vault to use LDAP Sync

Now, let's focus on the Altium Vault. Sign into the target Altium Vault - through its browser-based interface - as an Administrator.

If you are intending to create user credentials from LDAP automatically, then you probably want to remove any existing manually created users. So ideally just start with the default Administrator's role users - admin and System.

[Figure: An example target Altium Vault, with just the two default administrative users, admin and System.]

If you want the users from the LDAP Sync to be associated with a specific role, you can switch to the Roles tab and create a new role as required (e.g. Electrical Designers, Mechanical Designers, PCB Specialists, etc.), leaving it empty of users. For our example, we'll create a role called Engineers.

Now switch to the LDAP Sync tab, and click the Add sync task button to access the Add LDAP Sync Task dialog.

[Figure: Adding a new LDAP Sync Task through the vault's browser-based interface.]

Fill in the following information (based on the example domain structure used in the previous section):

General

- Target Role: Engineers
- Url: LDAP://testsite.com:389
  If configuring for LDAPS (LDAP over SSL), then the Url in this example would be: LDAPS://testsite.com:636.
- DN: OU=Engineers,OU=Users,DC=testsite,DC=com
  This is the string obtained from the Path field of the Search panel, when using the LDAP Admin utility in the previous section.
- Filter: leave this field blank to acquire all users from the specified group determined on the domain (in the DN field). If the nominated area of the domain structure contained further groupings of users, you could extract just a subset of those users by using an appropriate filtering string here.

  For example, consider if there had been a set of users under the group of Engineers, gathered to have administrative powers (CN=Administrators). To target just this set of users, and not all of the Engineers (under the OU=Engineers area of the domain structure), a query string could be written that targets this point in the domain structure:

  (&(objectclass=user)(memberof=cn=administrators,ou=engineers,ou=users,dc=testsite,dc=com))

  While the Filter field can be left blank, returning all users along the path defined by the DN field, this can be quite dangerous. That path could be pointing to an area of the domain structure that contains a huge number of users, and could lock up the whole organization due to excessive load on the Altium Vault and Active Directory. It really is better to target one or more sets of specific users, using dedicated filtering.

  For more information regarding LDAP queries that can be used to target specific sets of users, use the following links:

  - Common LDAP Queries - specifically the queries dealing with users. This page is actually part of a detailed manual from Google, relating to Google Apps Directory Sync, but is useful for such areas that deal with LDAP.
  - LDAP Query Basics

- Scope: sub
- Attributes: samaccountname

Authentication

- User Name: domain\<your username> (e.g. testsite\neal.geneare)
- Password: <your password>

Attribute Mapping

- First Name: givenname
- Last Name: sn
- Email: mail
- User Name: samaccountname

User authentication type

- Radio button: Windows
- Domain: testsite.com
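A pre-flight check for the Url, DN and Filter values described above, as an added example that is not part of the original Altium article or of the Vault's own code. The function names and finding codes are hypothetical; it assumes Python 3 with only the standard library, and its last line runs the page's example values with the Filter left blank.

```python
import re
from urllib.parse import urlsplit

def split_dn(dn):
    """Split a DN into (ATTR, value) pairs, honouring backslash-escaped commas."""
    rdns = [[s.strip() for s in p.partition("=")] for p in re.split(r"(?<!\\),", dn)]
    if not all(attr and sep and value for attr, sep, value in rdns):
        raise ValueError(f"malformed DN: {dn!r}")
    return [(attr.upper(), value.lower()) for attr, _, value in rdns]

def filter_leaves(text):
    """Validate an RFC 4515 filter (&, |, ! and attr=value); return its leaf items."""
    leaves = []
    def node(i):
        if text[i:i + 1] != "(":
            raise ValueError(f"expected '(' at offset {i}")
        if text[i + 1:i + 2] not in ("&", "|", "!"):  # leaf item: attr=value
            end = text.find(")", i)
            attr, sep, value = text[i + 1:max(end, i + 1)].partition("=")
            if end < 0 or not sep or not attr.strip() or "(" in value:
                raise ValueError(f"bad filter item at offset {i}")
            leaves.append((attr.strip().lower(), value.strip()))
            return end + 1
        i = node(i + 2)  # an operator needs at least one operand
        while text[i:i + 1] == "(":
            i = node(i)
        if text[i:i + 1] != ")":
            raise ValueError(f"expected ')' at offset {i}")
        return i + 1
    if node(0) != len(text):
        raise ValueError("trailing text after filter")
    return leaves

def lint_sync_task(url, dn, ldap_filter):
    """Return finding codes (hypothetical names) for a sync task's Url, DN, Filter."""
    findings, u = [], urlsplit(url)
    if u.scheme == "ldap":
        findings.append("no-tls")  # standard LDAP rather than LDAPS (LDAP over SSL)
    if (u.scheme, u.port) not in (("ldap", 389), ("ldaps", 636)):
        findings.append("unexpected-port")  # the page pairs LDAP:389 and LDAPS:636
    domain = [rdn for rdn in split_dn(dn) if rdn[0] == "DC"]
    if not ldap_filter.strip():
        return findings + ["blank-filter"]  # syncs every user under the DN
    for attr, value in filter_leaves(ldap_filter):
        if attr == "memberof" and split_dn(value)[-len(domain):] != domain:
            findings.append("group-outside-domain")
    return findings

print(lint_sync_task("LDAP://testsite.com:389", "OU=Engineers,OU=Users,DC=testsite,DC=com", ""))
```

An empty result means none of these four checks fired; it does not confirm that the DN or group exists in the directory.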

[Figure: Example LDAP Sync task, configured with all required information when using standard LDAP. If using LDAPS (LDAP over SSL), the Url entry would be changed to LDAPS://testsite.com:636.]

When you have completed entering all settings, click Save. This will initiate the Sync process, which may take a minute or two, as it processes the information you just entered. Watch the Sync status messages at the top of the LDAP Sync page, to see when the process completes.

Now click on the Users tab. This list should now be populated with all users as defined by the OU=<GroupName> setting (see example image below). Now anyone can sign into the Altium Vault using their regular Windows login (e.g. username: neal.geneare, password: ************).

It is important that each defined user on the network has an associated email address, otherwise the Altium Vault will not bring those users in.

Please note that additional users can be manually added outside of the LDAP Sync group - so you can indeed have a mixture of manually created users as well as LDAP-specified (automatically created) users.

[Figure: Example population of users for an Altium Vault, through use of an LDAP sync.]

Source URL: https://techdocs.altium.com/display/dman1/how+to+configure+ldap+sync+with+the+altium+vault