Prerequisite
You have the Technical configuration administrator function privilege.
Enable LDAP
Start ARIS.
Click Application launcher > Administration. The Administration opens with the Configuration view.
Click User Management.
Click the arrow next to LDAP.
Click General settings.
Click Edit.
Enable Use LDAP.
If you want to use ARIS with multiple LDAP systems, enable Activate multiple LDAP integration and click OK in the Confirmation of property value change dialog.
Click Save.
You have added an LDAP server.
Configure the LDAP connection
Click Add. The Add LDAP server dialog opens.
Enter the following:
ID of the LDAP server
Display name of the LDAP server
LDAP server URL
LDAP server fallback URL
User name of the user who has access to the LDAP content
Password of this user
Specify whether to use SSL and in which mode.
Specify whether to verify host names and certificates.
Simultaneous connections are a cross-tenant property. You can change them only using ARIS Cloud Controller. For more information, refer to the Technical Help.
Specify the connection timeout.
Specify the read timeout.
Click Save.
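The following added example (not part of ARIS or its documentation) reviews the values planned for the Add LDAP server dialog before they are saved. It flags unencrypted transport, a fallback URL weaker than the primary, disabled verification, and missing timeouts. The key names and the ssl_mode values none, ssl and starttls are assumptions rather than ARIS property names, and the unencrypted-password finding assumes a simple bind.

```python
from urllib.parse import urlparse

# Constructed sample settings. Key names and the ssl_mode values
# (none | ssl | starttls) are assumptions, not ARIS property names.
WEAK = {"url": "ldap://dc1.example.test:389",
        "fallback_url": "ldap://dc2.example.test:389",
        "ssl_mode": "none", "verify_hostname": False,
        "verify_certificate": False, "connect_timeout": 0, "read_timeout": None}
HARDENED = {"url": "ldaps://dc1.example.test:636",
            "fallback_url": "ldaps://dc2.example.test:636",
            "ssl_mode": "ssl", "verify_hostname": True,
            "verify_certificate": True, "connect_timeout": 5000, "read_timeout": 10000}


def review_ldap_settings(cfg):
    """Return a list of findings for a planned LDAP connection."""
    findings = []
    mode = cfg.get("ssl_mode", "none")
    schemes = {}
    for name in ("url", "fallback_url"):
        value = cfg.get(name)
        if not value:
            if name == "url":
                findings.append("url: primary server URL is required")
            continue
        u = urlparse(value)
        if u.scheme not in ("ldap", "ldaps") or not u.hostname:
            findings.append(f"{name}: not an ldap:// or ldaps:// URL")
            continue
        schemes[name] = u.scheme
        if (u.scheme == "ldaps") != (mode == "ssl"):
            findings.append(f"{name}: {u.scheme}:// does not match SSL mode '{mode}'")
        elif mode == "none":
            findings.append(f"{name}: no TLS, bind password is sent unencrypted")
    # A weaker fallback silently downgrades transport security on failover.
    if len(set(schemes.values())) > 1:
        findings.append("fallback_url: scheme differs from the primary URL")
    if mode != "none":
        for flag in ("verify_hostname", "verify_certificate"):
            if not cfg.get(flag):
                findings.append(f"{flag}: disabled, server identity is not checked")
    for name in ("connect_timeout", "read_timeout"):
        t = cfg.get(name)
        if not isinstance(t, int) or isinstance(t, bool) or t <= 0:
            findings.append(f"{name}: set a positive value so a dead server fails fast")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, review_ldap_settings(cfg) or "no findings")
```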
Configure the attribute mapping
Click the arrow next to the relevant LDAP server.
Click Attribute mappings.
Click Edit.
Specify the attribute objectClass.
Specify the attribute DN that contains the fully qualified name (distinguishedName).
Specify the attribute GUID that contains the objectGUID.
Click Save.
Configure the group attribute mapping
Click the arrow next to the relevant LDAP server.
Click Group attribute mappings.
Click Edit.
Specify the attribute that contains the group name.
Specify the attribute that references the members of a group.
Specify a comma-separated list of LDAP attributes that are to be imported as user-defined attributes of a user group.
Click Save.
Configure the user attribute mapping
Click the arrow next to the relevant LDAP server.
Click User attribute mapping.
Click Edit.
Specify the attributes that contain the user attribute, for example, the first name, the last name, and the telephone number.
Click Save.
Configure the behavior of LDAP
Click the arrow next to the relevant LDAP server.
Click Behavior.
Click Edit.
Specify the options you want to set:
the group and user object classes.
the search paths.
the search filters.
the recursion depth.
the page size.
the referrals.
Click Save.
Test the LDAP connection
Click the arrow next to the relevant LDAP server.
Click Connection.
Click Test connection.
If the LDAP connection is valid, ARIS with LDAP is set up.
If you want to use single sign-on, you can use Kerberos or SAML 2.0.