How Does iProcess Work With LDAP?

iProcess user data (that is - user, group, role and attribute data) is maintained as part of the LDAP directory. For each LDAP directory entry that represents an iProcess user, LDAP directory attributes are mapped to corresponding iProcess properties. iProcess Engine can use these entries in the LDAP directory as possible iProcess users, rather than creating operating system accounts for each registered iProcess user. This information is kept as part of the iProcess database.

Warning

Note that in previous versions of the LDAPCONF utility, this information was kept in a file, SWDIR\util\swldap.

You can also optionally use LDAP to provide integral user validation; that is, LDAP passwords can be used to validate users.

Note	You must run the LDAPCONF utility after upgrading the iProcess Engine to any new release, to ensure that user information is up to date in the database. See Upgrading iProcess.

Whenever the iProcess Engine performs a MoveSysInfo operation, it sends a synchronization request to the iProcess BG process to obtain iProcess user data from the LDAP directory. The synchronization request:

searches the LDAP directory for entries that may contain iProcess user data.

downloads those entries to the iProcess Engine, where the entries’ attributes are processed and converted into their corresponding iProcess properties.

Did you find this helpful?

Yes No