Resources
Available actions: |
Create resource for AD/LDAP database. |
|
Create hint for the password fields - will be used within the password change feature as a "i" |
Create Resource
Admin Console / Tenant configuration / Resources / New resource
parameter |
description |
value |
Connector |
link to existing connector:
|
see Connectors |
Description |
identification of the resource |
e.g. Tenant connector |
LDAP type |
|
EXTERNAL |
Group membership search type |
Approach of search (recursive for other ldaps like openldap), ad for microsoft. possible options:
|
|
Read AD uset membership recursively |
Override embedded approach by recursive approach (significant performane improvement). |
|
Group membership search depth |
depth of group membership search |
|
Base DN |
definition of OU for the specific tenant |
|
Priority |
fill in case of more resources for the same connector |
|
Allow user deletion |
checkbox define whether the user can also be deleted from LDAP - by OC/Users/Delete user feature |
|
Allow edit user status |
Whether the user can be edited (by default false). |
|
Username attribute |
identification of specific fields in AD |
e.g. sAMAccountName |
User principal attribute present |
is configured and used for microsoft AD? (by default false) |
|
Firstname attribute |
identification of specific fields in AD |
e.g. givenName |
Lastname attribute |
identification of specific fields in AD |
e.g. sn |
Mail attribute |
identification of specific fields in AD
|
e.g. mail |
Phone attribute |
identification of specific fields in AD
|
e.g. mobile |
Object reference attribute: |
the name of reference attributes in defined resource |
objectSid |
Group name attribute: |
the name of reference attributes in defined resource |
name |
Primary group attribute: |
the name of reference attributes in defined resource |
primaryGroupID |
Membership attribute: |
the name of reference attributes in defined resource |
member |
Sam account name attribute: |
the name of reference attributes in defined resource |
sAMAccountName |
Account expires attribute: |
the name of reference attributes in defined resource |
accountExpires |
Uac attribute: |
the name of reference attributes in defined resource |
userAccountControl |
Lockout attribute: |
the name of reference attributes in defined resource |
lockoutTime |
Filter attribute: |
the name of reference attributes in defined resource |
objectCategory |
User's filter attribute: |
the name of reference attributes in defined resource |
user |
Group's filter attribute: |
the name of reference attributes in defined resource |
group |
Primary group filter attribute: |
the name of reference attributes in defined resource |
group |
User objectClass values (comma-separated values): |
Can be objectClass, inetOrgPerson etc. (by default objectClass). |
|
Create password hint
Admin Console / Tenant configuration / Resources / {specific resource} / Password policy hint
parameter |
description |
value |
language |
|
|
Text |
text which is visible on password input boxes - displays conditions for password strength |
e.g. Length of the password – preferably over 10 characters. Complexity of the password – must contain letters (upper and lower case), numbers, and symbols and have a minimum number of each. Contain no repetitive characters. Contain no human readable words, names, dates, or recognize context with the password.. |