How to Set Up the iProcess Engine to Work With an LDAP Directory
|
Note
|
Setting up the iProcess Engine to work with an LDAP directory requires knowledge of both iProcess user administration and LDAP server administration. TIBCO recommend that you work with your local LDAP server administrator on the following procedures.
|
By default the iProcess Engine is configured to use normal iProcess user data and administration tools. To use iProcess with an LDAP directory you must:
|
1.
|
Modify the LDAP directory to include iProcess data: |
|
a.
|
Decide which LDAP directory attributes to map to which iProcess properties. |
|
b.
|
Create or modify the necessary entries in the LDAP directory. Each iProcess user, group or role requires an entry in the LDAP directory. |
See Creating and Maintaining iProcess User Data in the LDAP Directory for more information.
|
2.
|
Use LDAPCONF to set up the interface between the LDAP server and the iProcess Engine: |
|
a.
|
Set up the connection parameters. |
|
b.
|
Set up the search parameters, which define the point in the LDAP directory from which to start searching for iProcess user data, and any filters to apply to that search. |
|
c.
|
Set up the mapping between LDAP directory attributes and iProcess properties. |
See Configuring the Interface to the LDAP Server for more information.
|
3.
|
Test the interface to prove that the connection is working and that the correct information is being downloaded. |
See Testing the LDAP Interface for more information.
|
4.
|
Synchronize the iProcess Engine’s user data with the contents of the LDAP directory. |
See Synchronizing iProcess User Data with the LDAP directory for more information.
|
5.
|
If you want to use LDAP for user validation, switch the iProcess Engine over to use it by setting the LDAP_UV attribute. |
See Configuring iProcess to use LDAP User Validation for more information.