The LDAP server operations are used, for example, to import users or user groups and their members, to preview users or user groups, or to synchronize users or user groups.
The preview is used to verify that the specified search paths and filters return the correct set of users or user groups.
The import transfers the users or user groups and their members into ARIS.
When the users are imported into ARIS and a user or user group is changed on the LDAP server, you can synchronize to apply the latest changes to ARIS.
Prerequisite
You have the Technical configuration administrator function privilege.
You must have an already generated truststore file.
Procedure
Start ARIS.
Click Application launcher > Administration. The Administration opens with the Configuration view.
Click User management.
Click the arrow next to LDAP.
Click General settings.
Click Edit.
Enable Use LDAP.
Click Save.
Click Truststore.
Click Upload. The Truststore dialog opens. Select the truststore file you want to use and click Upload.
Click the arrow next to the relevant LDAP server.
Click Connection.
Click Edit.
Configure the LDAP URL by entering an ID, a name, and the URL in the Server URL field, for example:
ldap://hqgc.mycompany.com:3168.
Configure the fallback URL of the LDAP backup system in the Server URL (fallback) field. This backup system takes over automatically if the LDAP server cannot be reached via its primary URL.
Click Save.
Click Behavior.
Click Edit.
Enter the path to the user group in the Group search paths field.
Enter the path to the users in the User search paths field.
If you configure only one LDAP server, you can skip this step.
If you use a system with multiple LDAP servers, you must configure referrals.
Select ignore if you do not want to search all configured LDAP servers. The LDAP operations are performed only on the primary LDAP server.
Select follow if you want to execute the operations on all configured LDAP servers.
Select throw if you want to execute the operations on all configured LDAP servers. All valid users are included, and the result is logged. Valid users and invalid users are listed in the LDAP.log file.
Click Save.
To ensure that the import of LDAP users does not fail despite any errors that might occur, for example, if names are duplicated, click LDAP > General settings > Advanced settings and enable Skip errors.
You have configured ARIS for LDAP server operations.
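The following pre-flight check for the values entered under Connection and Behavior is an added example, not part of ARIS or its documentation. The dictionary keys, the simplified DN check and the findings it reports are assumptions made for illustration; only the Server URL and the three referral options come from the procedure above.

```python
import re
from urllib.parse import urlsplit

REFERRAL_MODES = {"ignore", "follow", "throw"}  # the three options named in the procedure
# Simplified DN check (assumption): comma-separated attr=value pairs, no escaped commas.
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^,=]+$")

def check_url(label, url):
    findings = []
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        return [f"{label}: scheme must be ldap or ldaps, got {parts.scheme!r}"]
    if not parts.hostname:
        findings.append(f"{label}: no host name")
    try:
        parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        findings.append(f"{label}: invalid port")
    if parts.scheme == "ldap":
        findings.append(f"{label}: ldap:// is unencrypted unless StartTLS is negotiated")
    return findings

def is_dn(path):
    return bool(path.strip()) and all(_RDN.match(rdn) for rdn in path.split(","))

def preflight(settings):
    findings = check_url("Server URL", settings["server_url"])
    fallback = settings.get("fallback_url")
    if fallback:
        findings += check_url("Server URL (fallback)", fallback)
        if fallback.lower() == settings["server_url"].lower():
            findings.append("Server URL (fallback): same as primary, provides no failover")
    for field in ("group_search_paths", "user_search_paths"):
        for path in settings.get(field, []):
            if not is_dn(path):
                findings.append(f"{field}: {path!r} is not a well-formed DN")
    mode = settings.get("referral")
    if mode is not None and mode not in REFERRAL_MODES:
        findings.append(f"referral: {mode!r} is not one of {sorted(REFERRAL_MODES)}")
    return findings

# Constructed sample values; only the Server URL is taken from the page.
SAMPLE = {
    "server_url": "ldap://hqgc.mycompany.com:3168",
    "fallback_url": "ldap://hqgc.mycompany.com:3168",
    "group_search_paths": ["OU=Groups,DC=mycompany,DC=com"],
    "user_search_paths": ["OU=Users DC=mycompany"],
    "referral": "follow",
}
```

Calling `preflight(SAMPLE)` returns one finding per problem in the constructed values: the unencrypted scheme on both URLs, the fallback that duplicates the primary, and the user search path with a missing comma.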