MashZone NextGen queries the User Repository for user groups and users to enable you and other users to assign permissions for MashZone NextGen resources. To enable these queries you set properties in the Admin Console.
Procedure
User Search Base (in Authentication Properties) = the base context for a search for all users. This is used with the All Users Search Filter and Search Subtree For All Users properties to get a result. For example:
ou=People
This property is also used to search for users during authentication. Consider both uses before changing its value.
All Users Search Filter (in MashZone NextGen Queries) = the search filter, combined with User Search Base that is used to find all user entries. For example:
objectclass=inetOrgPerson
Ensure that the objectclass=inetOrgPerson attribute is set on the LDAP server.
Attributes Used in Wildcard Search (in MashZone NextGen Queries) = a list of LDAP attributes, separated by commas, to search in for wildcard searches. This defaults to:
cn,uid
User Sort By Attribute (in MashZone NextGen Queries) = the LDAP attribute that should be used to sort the results of wildcard searches. This defaults to:
cn
User First Name Attribute (in MashZone NextGen Queries) = the LDAP attribute that holds users' first names.
User Last Name Attribute (in MashZone NextGen Queries) = the LDAP attribute that holds users' last names.
User Email Attribute (in MashZone NextGen Queries) = the LDAP attribute that holds users' email addresses.
Group Search Base (in Authorization Properties) = the beginning context, combined with Filter to Find All Groups for Roles to find all LDAP groups that can be used to assign MashZone NextGen permissions. For example:
ou=groups
This property is also used to search for MashZone NextGen permissions during authorization. Consider both uses before changing its value.
Filter to Find All Groups for Permissions = the search filter, combined with Group Search Base that is used to find all LDAP groups that may be used to assign MashZone NextGen permissions. For example:
objectclass=groupOfUniqueNames
Trouble shooting: If your LDAP user with role Presto_Administrator does not work, it might be helpful to stop MashZone NextGen first, deactivate and reactivate your LDAP connection in MashZone NextGen and then restart MashZone NextGen again.