Section | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Configuring and LDAP/Active Directory
users and groups can be maintained externally in systems such as Active Directory or Open LDAP. Follow these steps to integrate and your LDAP server:
- Collect the key information listed below and verify the Prerequisite Tasks have been performed.
- Create a tenant with the LDAP/Active Directory Security Manager class.
- Once you have your tenant successfully connecting with your LDAP server, review the available options regarding the authentication proces
Key Information to Collect
...
- LDAP server name or ip
- LDAP server port
- User name and password with proper permissions to access and browse LDAP.
- LDAP groups and/or users that will be considered designers. These users will be able to create forms and flows in frevvo.
- LDAP groups and users that will be considered administrators.
- LDAP groups and users that will be considered publishers. This role gives a user the permission to go to the home page of every other tenant user.
- LDAP groups and users that will be considered ReadOnly.
Prerequisite Tasks
These instructions assume that you have an in-house installation of Live Forms up and running or you have signed up for an LDAP tenant on the cloud server
...
Active Directory Customers using LDAP must ensure that frevvo.User, frevvo.TenantAdmin and frevvo.Designer groups are specified on your LDAP/AD server. The group names must be spelled as shown. Upper/lower case may be a factor for Open LDAP systems.
...
Prerequisite Tasks
These instructions assume that you have an in-house installation of Live Forms up and running or you have signed up for an LDAP tenant on the cloud server
Warning |
---|
Active Directory Customers using LDAP must ensure that frevvo.User, frevvo.TenantAdmin and frevvo.Designer groups are specified on your LDAP/AD server. The group names must be spelled as shown. Upper/lower case may be a factor for Open LDAP systems.
|
Configuring and LDAP/Active Directory
users and groups can be maintained externally in systems such as Active Directory or Open LDAP. Follow these steps to integrate and your LDAP server:
- Collect the key information listed below and verify the Prerequisite Tasks have been performed.
- Create a tenant with the LDAP/Active Directory Security Manager class.
- Once you have your tenant successfully connecting with your LDAP server, review the available options regarding the authentication proces
Key Information to Collect
- LDAP server name or ip
- LDAP server port
- User name and password with proper permissions to access and browse LDAP.
- LDAP groups and/or users that will be considered designers. These users will be able to create forms and flows in frevvo.
- LDAP groups and users that will be considered administrators.
- LDAP groups and users that will be considered publishers. This role gives a user the permission to go to the home page of every other tenant user.
- LDAP groups and users that will be considered ReadOnly.
Create a tenant with the LDAP/Active Directory Security Manager class
...
Expand | ||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||
These are the properties used to configure the LDAP/Active Directory security manager. The properties in bold are required. LDAP Configuration PropertiesThese are the properties used to configure the LDAP/Active Directory security manager. The properties in bold are required.
|
...
The first issue occurs when the user logs in. For instance, John Stevens LDAP account is JStevens but he logs in as jstevens, he will be recognized by case insensitive LDAP and thus granted access but will not be recognized as a designer or as a tenant admin by . To solve this, check the Ignore Case checkbox on the LDAP Configuration screen. To prevent issues you could always login to using lower case jstevens. LDAP will grant access as it is case insensitive and will know that you may have the designer or admin special permission. However users can forget to do this. Setting Ignore Case in your LDAP security configuration will solve this.
The second problem is in directing tasks to users if your LDAP user names are mixed case. One solution is to use hidden controls on your forms with rules to convert the case of user names to lower case. The example below shows two text controls on a form, one visible, EmployeeMixedCase, and the other hidden, Employee.
...