Customize ARIS for LDAP server operations

The LDAP server operations are used, for example,

The preview is used to verify that the specified search paths and filters return the correct set of users or user groups.

The import imports the users or user groups and their members into ARIS.

When the users are imported into ARIS and a user or user group is changed on the LDAP server, you can synchronize to apply the latest changes to ARIS.

Prerequisite

Procedure

  1. Start ARIS.

  2. Click Application launcher Application launcher > Administration Administration. The Administration opens with the Configuration Configuration view.

  3. Click User management.

  4. Click the arrow next to LDAP.

  5. Click General settings.

  6. Click Edit Edit.

  7. Enable Use LDAP.

  8. Click Save Save.

  9. Click Truststore.

  10. Click Upload Upload. The Truststore dialog opens. Select the truststore file you want to use and click Upload.

  11. Click the arrow next to the relevant LDAP server.

  12. Click Connection.

  13. Click Edit Edit.

  14. Configure the LDAP URL by entering an ID, a name, and the URL in the Server URL field, for example:

    ldap://hqgc.mycompany.com:3168.

  15. Configure the fallback URL of the LDAP backup system in the Server URL (fallback) field. This backup system takes over automatically if the LDAP server cannot be reached via its primary URL.

  16. Click Save Save.

  17. Click Behavior.

  18. Click Edit Edit.

  19. Enter the path to the user group in the Group search paths field.

  20. Enter the path to the users in the User search paths field.

  21. If you configure only one LDAP server, you can skip this step.

    If you use a system with multiple LDAP servers, you must configure referrals.

    Select ignore if you do not want to search all configured LDAP servers. The LDAP operations are performed only on the primary LDAP server.

    Select follow if you want to execute the operations on all configured LDAP servers.

    Select throw if you want to execute the operations on all configured LDAP servers. All valid users are included, and the result is logged. Valid users and invalid users are listed in the LDAP.log file.

  22. Click Save Save.

    To ensure that the import of LDAP users does not fail despite any errors that might occur, for example, if names are duplicated, click LDAP > General settings > Advanced settings and enable Skip errors.

You have configured ARIS for LDAP server operations.