Plugin installed incorrectly. Rename plugin directory 'swiftmail.backup' to 'swiftmail'.
en:software:tim:ldap
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
en:software:tim:ldap [2014/12/16 16:31] 127.0.0.1 external edit |
en:software:tim:ldap [2021/07/01 09:52] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | FIXME **This page is not fully translated, yet. Please help completing the translation.**\\ //(remove this paragraph once the translation is finished)// | ||
| - | |||
| - | |||
| ======LDAP====== | ======LDAP====== | ||
| ==== Overview ==== | ==== Overview ==== | ||
| - | The goal of the LDAP synchronization module is to apply a nearly random group- and user structure from an LDAP-service and to feed it with necessary information in order to use this as a basis for the T!M group-/ user structure. The foundation for this module constitutes the TimedService component via which the synchronization is run time-controlled. | + | The goal of the LDAP synchronization module is to apply a nearly random group- and user structure from an LDAP-service and to feed it with necessary information in order to use this as a basis for the TIM group-/ user structure. The foundation for this module constitutes the TimedService component via which the synchronization is run time-controlled. |
| The module consists of two essential parts which together allow a synchronization of naerly random LDAP-structures. In order to establish an LDAP-module several steps are necessary which are explained in this entry. | The module consists of two essential parts which together allow a synchronization of naerly random LDAP-structures. In order to establish an LDAP-module several steps are necessary which are explained in this entry. | ||
| Line 12: | Line 9: | ||
| ==== Basic configuration LDAP ==== | ==== Basic configuration LDAP ==== | ||
| - | In order to enable T!m - Task !n Motion to access to an LDAP-server, [[.:ldap:tim-ldap.properties|the following file]] has to be adapted: | + | In order to enable TIM to access to an LDAP-server, [[.:ldap:tim-ldap.properties|the following file]] has to be adapted: |
| jboss<version>\standalon\configuration\tim-ldap.properties | jboss<version>\standalon\configuration\tim-ldap.properties | ||
| These settings apply for all [[en:software:tim:client|clients]]! For a detailed description of the single lines you can get further information here: [[.:ldap:tim-ldap.properties|here]] | These settings apply for all [[en:software:tim:client|clients]]! For a detailed description of the single lines you can get further information here: [[.:ldap:tim-ldap.properties|here]] | ||
| Line 36: | Line 33: | ||
| ==== Establish an LDAP lookup ==== | ==== Establish an LDAP lookup ==== | ||
| {{ en:software:tim:ldap-lookup.png?direct&300|}} | {{ en:software:tim:ldap-lookup.png?direct&300|}} | ||
| - | LDAP lookup means tthat T!M forwards authentication requests to the LDAP server and inquires if the user has the right to register himself. As the rights management is currently deposited in T!M, the user has to be registered in T!M! | + | LDAP lookup means tthat TIM forwards authentication requests to the LDAP server and inquires if the user has the right to register himself. As the rights management is currently deposited in TIM, the user has to be registered in TIM! |
| >> IMPORTANT! (see screenshot) | >> IMPORTANT! (see screenshot) | ||
| > An e-mail address has to be deposited in the [[user_profile_properties|Userprofil]] | > An e-mail address has to be deposited in the [[user_profile_properties|Userprofil]] | ||
| > The log-in is not permitted as long as the user has to change his password in the AD | > The log-in is not permitted as long as the user has to change his password in the AD | ||
| - | > The rights of the user are managed in T!M | + | > The rights of the user are managed in TIM |
| Line 46: | Line 43: | ||
| ====LDAP Sync==== | ====LDAP Sync==== | ||
| - | The LDAP Sync givs the possibility to create users in T!M and to apply attributes from the LDAP. How LDAP attributes are linked to T!M-attributes can be looked up in [[.:ldap:ldap_properties|the following page]]. \\ | + | The LDAP Sync givs the possibility to create users in TIM and to apply attributes from the LDAP. How LDAP attributes are linked to TIM-attributes can be looked up in [[en:software:tim:ldap:tim-ldap.properties|the following page]]. \\ |
| In order to activate the LDAP-Sync, the [[en:software:tim:timer:createusersfromldapgroup|the following timer]] is required. | In order to activate the LDAP-Sync, the [[en:software:tim:timer:createusersfromldapgroup|the following timer]] is required. | ||
| Line 52: | Line 49: | ||
| ==== Example in practice ==== | ==== Example in practice ==== | ||
| - | Such a group structure and the configuration of 4 timers (one timer per group) enables the admin to conviniently allocate rights in T!M. Important is that all T!M-users are in the group **TIM-Member**. If this is not given, it could leat to an admin not being able to open a smartform as the member-right is required. {{ :software:tim:ldap_gruppen.jpg?direct|}} | + | Such a group structure and the configuration of 4 timers (one timer per group) enables the admin to conviniently allocate rights in TIM. Important is that all TIM-users are in the group **TIM-Member**. If this is not given, it could leat to an admin not being able to open a smartform as the member-right is required. {{ :software:tim:ldap_gruppen.jpg?direct|}} |
en/software/tim/ldap.1418743919.txt.gz · Last modified: 2021/07/01 09:54 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: 2013 T!M Solutions GmbH
