...
Field | Required | Description
---|---|---
Realm Name | Yes |
Description | No |
URL | Yes | URL to access the LDAP server. For example, ldap://localhost:10389
System Username | Yes | Read-only username to access the LDAP server. This should be the fully qualified username in LDAP. FlexDeploy will use the system username and system password to bind to LDAP for various operations. For example, uid=admin,ou=system
System Password | Yes | Password for the specified system username.
User Search Base | Yes | User base tree in the LDAP server. For example, ou=users,ou=system.
User Search Filter | Yes | User search filter to find user records in the user search base. For example, (&(objectClass=*)(uid={0})) or (&(objectClass=*)(sAMAccountName={0}))
Connect Timeout | No | @since 6.5.0.2 A timeout, in seconds, for connecting to the external server. The default timeout is 30 seconds. If no value is provided, there is no timeout.
Read Timeout | No | @since 6.5.0.2 A timeout, in seconds, for LDAP read operations. The default timeout is 120 seconds. If no value is provided, there is no timeout.
Follow Referrals | Yes | @since 6.5.0.2 How to handle referrals (follow/ignore). The default is ignore.
Group Mapping Enabled | Yes | Enable if you want to map LDAP groups to FlexDeploy groups. The LDAP server must support the memberOf attribute for group mapping in FlexDeploy.
Group Search Base | No* | Group base tree in the LDAP server. Required if group mapping is enabled. For example, (ou=groups,ou=myrealm,dc=MyDomain)
Group Search Filter | No* | Search filter to find groups in the group search base. Required if group mapping is enabled. For example, (objectClass=groupOfUniqueNames)
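
As an added example (not FlexDeploy's own code), the following Python checks a set of realm settings against the Required column above and expands the User Search Filter for a login name with RFC 4515 escaping, so characters such as `*` or `(` in the name are matched literally. It assumes `{0}` stands for the login name entered by the user; the dictionary keys, function names and sample values are constructed for illustration.

```python
REQUIRED = ("Realm Name", "URL", "System Username", "System Password",
            "User Search Base", "User Search Filter")

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a login name so it is treated as data, not filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_user_filter(template, login):
    """Substitute the escaped login for {0} (assumed to be the login name)."""
    if "{0}" not in template:
        raise ValueError("User Search Filter has no {0} placeholder")
    return template.replace("{0}", escape_filter_value(login))


def check_realm(cfg):
    """Return a list of problems found in a realm settings dict."""
    problems = [f"{name} is required" for name in REQUIRED if not cfg.get(name)]
    flt = cfg.get("User Search Filter", "")
    if flt and "{0}" not in flt:
        problems.append("User Search Filter has no {0} placeholder")
    if flt.count("(") != flt.count(")"):
        problems.append("User Search Filter has unbalanced parentheses")
    if cfg.get("Follow Referrals", "ignore") not in ("follow", "ignore"):
        problems.append("Follow Referrals must be follow or ignore")
    if cfg.get("Group Mapping Enabled"):  # the No* rows in the table
        for name in ("Group Search Base", "Group Search Filter"):
            if not cfg.get(name):
                problems.append(f"{name} is required when group mapping is enabled")
    return problems


# Constructed sample settings, reusing the example values from the table.
SAMPLE = {
    "Realm Name": "example-realm",
    "URL": "ldap://localhost:10389",
    "System Username": "uid=admin,ou=system",
    "System Password": "placeholder-password",
    "User Search Base": "ou=users,ou=system",
    "User Search Filter": "(&(objectClass=*)(uid={0}))",
    "Follow Referrals": "ignore",
    "Group Mapping Enabled": False,
}

if __name__ == "__main__":
    print(check_realm(SAMPLE), expand_user_filter(SAMPLE["User Search Filter"], "jdoe"))
```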
...
Login Flow with an External Realm