立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Administration Guide for Connecting to LDAP

About this guide Managing LDAP environments Synchronizing LDAP directories
Setting up initial LDAP directory synchronization Adjusting the synchronization configuration for LDAP environments Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Managing LDAP user accounts and identities Managing memberships in LDAP groups Login credentials for LDAP user accounts Mapping LDAP objects in One Identity Manager Handling of LDAP objects in the Web Portal Basic data for managing an LDAP environment Troubleshooting Configuration parameters for managing an LDAP environment Default project template for LDAP LDAP connector V2 settings

Support for the eduPerson object class

One Identity Manager supports the eduPerson object class. This object class is mainly used in directories of universities and colleges to simplify communication between institutions. For more information on eduPerson, see https://wiki.refeds.org/display/STAN/eduPerson.

The following schema properties are supported:

  • EduPersonAffiliation

  • EduPersonEntitlement

  • EduPersonNickname

  • EduPersonOrgDN

  • EduPersonOrgUnitDN

  • EduPersonPrimaryAffiliation

  • EduPersonPrimaryOrgUnitDN

  • EduPersonPrincipalName

  • EduPersonPrincipalNamePrior

  • EduPersonScopedAffiliation

  • EduPersonTargetedId

  • EduPersonAssurance

  • EduPersonUniqueId

  • EduPersonOrcId

  • EduPersonAnalyticsTag

The schema properties are not mapped in the default template for synchronization projects. If you want to use the object class, customize the mapping in the Synchronization Editor. For more information about editing property mapping rules in the Synchronization Editor, see the One Identity Manager Target System Synchronization Reference Guide.

Create custom templates and formatting rule as required. For more information about customizing the One Identity Manager schema, see the One Identity Manager Configuration Guide.

Related topics

Changing system connection settings of LDAP domains

When you set up synchronization for the first time, the system connection properties are set to default values that you can modify. There are two ways to do this:

  1. Specify a specialized variable set and change the values of the affected variables.

    The default values remain untouched in the default variable set. The variables can be reset to the default values at any time. (Recommended action).

  2. Edit the target system connection with the system connection wizard and change the effected values.

    The system connection wizard supplies additional explanations of the settings. The default values can only be restored under particular conditions.

Detailed information about this topic

Editing connection parameters in the variable set

The connection parameters were saved as variables in the default variable set when synchronization was set up. You can change the values in these variables to suit you requirements and assign the variable set to a start up configuration and a base object. This means that you always have the option to use default values from the default variable set.

NOTE: To guarantee data consistency in the connected target system, ensure that the start-up configuration for synchronization and the base object for provisioning use the same variable set. This especially applies if a synchronization project is used for synchronizing different LDAP domains.

To customize connection parameters in a specialized variable set

  1. In the Synchronization Editor, open the synchronization project.

  2. Select the Configuration > Target system category.

  3. Open the Connection parameters view.

    Some connection parameters can be converted to variables here. For other parameters, variables are already created.

  4. Select a parameter and click Convert.

  5. Select the Configuration > Variables category.

    All specialized variable sets are shown in the lower part of the document view.

  6. Select a specialized variable set or click on in the variable set view's toolbar.

    • To rename the variable set, select the variable set and click the variable set view in the toolbar . Enter a name for the variable set.

  7. Select the previously added variable and enter a new value.

  8. Select the Configuration > Start up configurations category.

  9. Select a start up configuration and click Edit.

  10. Select the General tab.

  11. Select the specialized variable set in the Variable set menu.

  12. Select the Configuration > Base objects category.

  13. Select the base object and click .

    - OR -

    To add a new base object, click .

  14. Select the specialized variable set in the Variable set menu.

  15. Save the changes.

For more information about using variables and variable sets, or restoring default values and adding base objects, see the One Identity Manager Target System Synchronization Reference Guide.

Related topics

Editing target system connection properties

The advanced settings of the target system connection can be changed using the system connection wizard. If variables are defined for the settings, the changes are transferred to the active variable set.

NOTE: In the following circumstances, the default values cannot be restored:

  • The connection parameters are not defined as variables.

  • The default variable set is selected as an active variable set.

In both these cases, the system connection wizard overwrites the default values. They cannot be restored at a later time.

To edit advanced settings with the system connection wizard

  1. In the Synchronization Editor, open the synchronization project.

  2. In the toolbar, select the active variable set to be used for the connection to the target system.

    NOTE: If the default variable set is selected, the default values are overwritten and cannot be restored at a later time.

  3. Select the Configuration > Target system category.

  4. Click Edit connection.

    This starts the system connection wizard.

  1. Follow the system connection wizard instructions and change the relevant properties.

  2. Save the changes.
Related topics
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级