Last Modified: 12.09.2013
To import users from LDAP directory, perform the following actions.
Creating a Server
Click the Create link in the user import form (otherwise, click Add on the context toolbar in Settings > AD/LDAP) to open the server creation form.
If you encounter difficulties filling in the form fields, consult the System Administration
web course containing the detailed description for each field. Ask your system administrator for the correct values of these fields.
Fill in the Server tab fields:
Note! The Test connection button verifies the provided data and establishes a trial connection to the server. If the verification succeeds, the server will return the available tree roots. Otherwise, the error description in red will show at the top of the screen.
Open the Field Mapping tab. Map attributes to the user fields.
To perform automatic configuration, click AD or LDAP link depending on your server.
The group Map user fields to LDAP attributes contains only the required fields that are periodically synchronized with Active Directory. To map more fields, click the add... link. Each field you add will be verified at the synchronization time and reverted to an original value if it has changed. Essentially, it means that if a user has edited one of these fields at the Intranet Portal, the field will be set to a value stored at an AD server.
It is a good idea to add as many fields as possible when you perform an initial import and synchronization, and then remove the fields that need not be regularly updated.
Click the Groups tabs.
Map the remote server groups to the Intranet portal groups.
To add users of a remote user group to many local (Intranet Portal) user groups, select this remote group as many times as needed and map it to the required local groups.
To intersect two or more remote user groups, select them and map to the same local user group. The latter will contain only users that are in all the selected remote groups.
If you want to synchronize the remote and local databases on regular basis, open the Synchronization tab. Check the option Perform full synchronization. Specify the update period in hours, and enter the Active directory (LDAP) attribute to log changes.