LDAP Sync

To populate the MFT database with LDAP users, you should sync TIBCO MFT Internet Server with an LDAP server. To bind to the LDAP server, you should set up an authenticator through the Administration > Authenticators > Add Authenticator option.

See Add Authenticator for more information. When the authenticator is configured and tested, you can run an LDAP sync.

By default, synchronization to the TIBCO MFT Internet Server database will pull in the directory user’s Login ID, full name, and email address for those contained in the LDAP sync group, as well as any rights assigned to the user if the right management is enabled on the authenticator.

To synchronize LDAP authenticators, a user must have TIBCO MFT Command Center AdministratorRight assigned to them in the system.

Synchronization is performed three different ways:

  • Manual Sync

    A manual sync can be done by the administrator by going to the LDAP Sync page to sync a single user or all LDAP users.

  • Scheduled Sync

    A scheduled sync can be done once a day by setting up the options found in the LDAP Settings section of the Administration > System Configuration page. By default, this is disabled. If you have TIBCO MFT Command Center and TIBCO MFT Internet Server sharing the same database the sync can be configured to be performed by either server.

  • Automatic Sync

    This synchronization occurs when an LDAP user logs into the TIBCO MFT Command Center system and authenticates against the LDAP server.