The LDAP Settings dialog allows an administrator to specify advanced LDAP settings. To open LDAP Settings:
In the Navigator pane, right-click on the name of the server that the users will be added to, then click Open in the shortcut menu.
In the Server editor, click the LDAP tab.
Select the Enabled checkbox to enable LDAP.
Click on the Advanced... button. The LDAP Settings dialog appears. The General tab can be used to enter the application user account and synchronization settings.
In the Account Settings area, type in the Distinguished Name (DN) of the application account to use for LDAP-related system actions, such as importing users and synchronizing user data.
Note: If this field is left empty, an anonymous user account will be used.
Next, type in the password of the application account. This field will always be empty unless the user types in a password, in which case the typed letters will appear as asterisks (*) and the user will have to re-type the password to ensure that it is correct. If the two passwords do not match when the OK button is clicked, an error message will be shown indicating that the passwords do not match.
Note: Validation of these entries is not possible other than by performing an LDAP search (see Adding Users From LDAP for more details) and verifying that user information is returned.
In the Synchronization Settings area, LDAP synchronization can be disabled by unchecking the Enabled checkbox. If synchronization is disabled, no synchronization will occur and the radio buttons will be disabled.
Note: By default, synchronization is enabled and Automatic Synchronization is selected.
If you will be synchronizing your LDAP database, select a schedule for synchronization: choose either Automatic Synchronization or Periodic Synchronization by clicking its radio button. An Automatic Synchronization automatically updates the LDAP database.
Note: The interval setting fields will be disabled if Automatic Synchronization is selected.
If you selected a Periodic Synchronization, you need to specify the Start Time, the End Time and the delay Interval. The start and end times specify the time of the day during which synchronizations should occur and the interval specifies the delay between each sync process.
When the OK button is clicked and the start time does not precede the end time, an error message will be shown indicating that the start time does not precede the end time.
Note: The default Start Time is 10:00 PM while the default End Time is 11:00 PM.
The value range of minutes is from 0 to 59, the hours range from 0 to 23 and the days range from 0 to 999. The minimum delay interval allowed is 1 hour. These settings will take effect immediately after saving, without having to restart the Control Manager.
Click on the Attributes tab.
The Attributes tab can be used to specify custom attribute names that map to EPX user properties. Most LDAP implementations use common “out of the box” attribute names; however, this tab allows organizations that use customized attribute names to have them included as user properties. The fields will initially be populated with default, commonly used attribute names. If a field is left empty and a name is not specified, that user attribute will not be imported. However, for certain attributes such as UserID, First Name, and Last Name, which are essential in creating users, defaults will be used if none are specified.
Click OK to save the LDAP settings in the database. For more information on configuring EPX to use LDAP, see Adding Users From LDAP and Synchronizing with LDAP.
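
Because the dialog cannot validate the application account DN other than through an LDAP search, a syntax check before saving can catch typing mistakes and flag an empty field, which per the note above results in an anonymous account being used. The following Python check is an added example, not part of EPX or its documentation; it tests the DN against the RFC 4514 string form, and the function names and sample DNs are constructed for illustration.

```python
import re

# Attribute type: short name (e.g. cn, ou, dc) or dotted numeric OID.
_ATTR_TYPE = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)+)")
_ESCAPABLE = set('"+,;<>\\ #=')   # characters RFC 4514 allows after a backslash
_SPECIAL = set('"+,;<>\x00')      # characters that must not appear unescaped in a value

def split_unescaped(text, sep):
    """Split on sep, keeping backslash escape pairs intact."""
    parts = [""]
    for tok in re.findall(r"\\.|.", text, re.S):  # an escape pair is one token
        if tok == sep:
            parts.append("")
        else:
            parts[-1] += tok
    return parts

def value_problem(value):
    """Return the first RFC 4514 violation found in an attribute value, or None."""
    if value.startswith("#"):  # hex-encoded BER value: '#' plus whole hex pairs
        return None if re.fullmatch(r"#(?:[0-9A-Fa-f]{2})+", value) else "malformed #hex value"
    tokens = re.findall(r"\\[0-9A-Fa-f]{2}|\\.|.", value, re.S)
    for tok in tokens:
        if tok[0] == "\\" and not (len(tok) == 3 or tok[1:] in _ESCAPABLE):
            return "bad escape sequence"
        if tok in _SPECIAL:
            return f"unescaped {tok!r}"
    if tokens and " " in (tokens[0], tokens[-1]):
        return "unescaped leading or trailing space"
    return None

def check_bind_dn(dn):
    """Classify the account DN field as 'anonymous', 'ok' or 'invalid: <reason>'."""
    if not dn.strip():
        return "anonymous"  # the page: an empty field means an anonymous account is used
    for rdn in split_unescaped(dn, ","):
        for ava in split_unescaped(rdn.lstrip(" "), "+"):  # tolerate legacy "cn=a, ou=b"
            attr, eq, value = ava.partition("=")
            if not eq or not _ATTR_TYPE.fullmatch(attr):
                return f"invalid: bad attribute type in {ava!r}"
            problem = value_problem(value)
            if problem:
                return f"invalid: {problem} in {ava!r}"
    return "ok"

if __name__ == "__main__":
    # Constructed sample DNs, not taken from any real directory.
    for dn in ["", "cn=epx-sync,ou=Services,dc=example,dc=com", "epx-sync", "cn=a;ou=b"]:
        print(repr(dn), "->", check_bind_dn(dn))
```

A result of "ok" only means the DN is well formed; whether the account exists and the password is right still has to be confirmed with the LDAP search described above.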