Mapping LDAP Directory Attributes to iProcess Properties
|
Note |
See LDAP Directory Entries and Attributes for more information about how iProcess properties are mapped to LDAP directory attributes. |
To define the mappings of LDAP directory attributes to iProcess properties:
| 1. | Select the following option from the LDAPCONF menu: |
[3] Set Attribute Mappings
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Username (sn): username
| 2. | Enter the name of the LDAP directory attribute that contains the iProcess <USERNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess GroupName :
| 3. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLENAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Rolename:
| 4. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Description (description):
| 5. | Enter the name of the LDAP directory attribute that contains the iProcess <DESCRIPTION> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Language (language):
| 6. | Enter the name of the LDAP directory attribute that contains the iProcess <LANGUAGE> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Menu Name (menuname):
| 7. | Enter the name of the LDAP directory attribute that contains the iProcess <MENUNAME> property. |
|
Note |
|
The following prompt is displayed:
Enter the X.500 attribute for the Sortmail (sortmail):
| 8. | Enter the name of the LDAP directory attribute that contains the iProcess <SORTMAIL> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Group User (groupusers): ugroup
| 9. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPUSERS> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Role User (roleuser): urole
| 10. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLEUSERS> property. |
| 11. | You are prompted, in turn, to enter the name of the LDAP directory attributes that map to the following iProcess properties: |
|
Prompt for iProcess.... |
Default Mapping |
Description |
|
Username |
sn |
Enter the name of the LDAP directory attribute that maps to the iProcess user name. |
|
Groupname |
groupname |
Enter the name of the LDAP directory attribute that maps to the iProcess group name. |
|
Rolename |
rolename |
Enter the name of the LDAP directory attribute that maps to the iProcess role name. |
|
Description |
description |
Enter the name of the LDAP directory attribute that maps to the iProcess DESCRIPTION attribute |
|
Language |
language |
Enter the name of the LDAP directory attribute that maps to the iProcess LANGUAGE attribute. |
|
Menu Name |
menuname |
Enter the name of the LDAP directory attribute that maps to the iProcess MENUNAME attribute. Note: This attribute is used to determine whether an LDAP directory entry found as a result of a search is an iProcess user, group or role. |
|
Sortmail |
sortmail |
Enter the name of the LDAP directory attribute that maps to the iProcess SORTMAIL attribute. |
|
iProcess Group User |
groupusers |
Enter the name of the LDAP directory attribute that contains the members of a group. |
|
iProcess Role User |
roleuser |
Enter the name of the LDAP directory attribute that contains the name of the iProcess user who is assigned to a role. |
|
Qsupervisors |
qsupervisors |
Enter the name of the LDAP directory attribute that maps to the iProcess QSUPERVISORS attribute. |
|
Userflags |
userflags |
Enter the name of the LDAP directory attribute that maps to the iProcess USERFLAGS attribute. |
|
Note |
These mappings must be unique. A warning message is displayed if you try to map an LDAP directory attribute to an iProcess property if you have already mapped that LDAP directory attribute. |
The following prompt is displayed:
Please Enter option (L)ist/(C)hange/(D)elete/(A)dd/(Q)uit
| 12. | This allows you to select additional LDAP directory attributes to be used in the iProcess Suite. Select: |
| — | List to display the list of additional LDAP directory attributes currently in use. (The first time you select this option the previously saved list is displayed.) |
| — | Change to replace an LDAP directory attribute in the list with a new one. |
| — | Delete to delete an LDAP directory attribute from the list. |
| — | Add to add an LDAP directory attribute to the list. |
| 13. | Select Quit when the list matches your requirements. |
|
Note |
Remember to Save these settings if you want to use them in a future LDAPCONF session. |
Here is an example of the Set Attribute Mappings option.
Enter the LDAP attribute for the iProcess Username (sn): username
Enter the LDAP attribute for the iProcess GroupName (groupname):
Enter the LDAP attribute for the iProcess Rolename (rolename):
Enter the LDAP attribute for the Description (description):
Enter the LDAP attribute for the Language (language):
Enter the LDAP attribute for the Menu Name (menuname):
Enter the LDAP attribute for the Sortmail (sortmail):
Enter the LDAP attribute for the iProcess Group User (groupusers): ugroup
Enter the LDAP attribute for the iProcess Role User (roleuser): urole
Enter the LDAP attribute for the Qsupervisors (qsupervisors):
Enter the LDAP attribute for the Userflags (groupflags):
Please Enter option (L)ist/(C)hange/(D)elete/(A)dd/(Q)uit : A
Value to add : email
Please Enter option (L)ist/(C)hange/(D)elete/(A)dd/(Q)uit : A
Value to add : telephone
Please Enter option (L)ist/(C)hange/(D)elete/(A)dd/(Q)uit : L
email telephone
Please Enter option (L)ist/(C)hange/(D)elete/(A)dd/(Q)uit : Q
[4] Group Membership in MEMBER LIST format
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Username (sn): username
| 15. | Enter the name of the LDAP directory attribute that contains the iProcess <USERNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess GroupName:
| 16. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLENAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Rolename:
| 17. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Description (description):
| 18. | Enter the name of the LDAP directory attribute that contains the iProcess <DESCRIPTION> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Language (language):
| 19. | Enter the name of the LDAP directory attribute that contains the iProcess <LANGUAGE> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Menu Name (menuname):
| 20. | Enter the name of the LDAP directory attribute that contains the iProcess <MENUNAME> property. |
|
Note |
|
The following prompt is displayed:
Enter the X.500 attribute for the Sortmail (sortmail):
| 21. | Enter the name of the LDAP directory attribute that contains the iProcess <SORTMAIL> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Group User (groupusers): ugroup
| 22. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPUSERS> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Role User (roleuser): urole
| 23. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLEUSERS> property. |
|
Note |
If you subsequently want to change this option, so that LDAPCONF reads <GROUPUSERS> directory attribute values as LDAP DNs, select option [4] again from the LDAPCONF menu: |
[4] Group Membership in LDAP DN format
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Username (sn): username
| 24. | Enter the name of the LDAP directory attribute that contains the iProcess <USERNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess GroupName:
| 25. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLENAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Rolename (??):
| 26. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPNAME> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Description (description):
| 27. | Enter the name of the LDAP directory attribute that contains the iProcess <DESCRIPTION> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Language (language):
| 28. | Enter the name of the LDAP directory attribute that contains the iProcess <LANGUAGE> property. |
The following prompt is displayed:
Enter the X.500 attribute for the Menu Name (menuname):
| 29. | Enter the name of the LDAP directory attribute that contains the iProcess <MENUNAME> property. |
|
Note |
|
The following prompt is displayed:
Enter the X.500 attribute for the Sortmail (sortmail):
| 30. | Enter the name of the LDAP directory attribute that contains the iProcess <SORTMAIL> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Group User (groupusers): ugroup
| 31. | Enter the name of the LDAP directory attribute that contains the iProcess <GROUPUSERS> property. |
The following prompt is displayed:
Enter the X.500 attribute for the iProcess Role User (roleuser): urole
| 32. | Enter the name of the LDAP directory attribute that contains the iProcess <ROLEUSERS> property. |
See Defining Group Membership for more information about how to define <GROUPUSERS> attribute values.