LDAP Management

LDAP management allows user accounts and groups to be managed automatically.

There may occasionally be a requirement to add an account that is not part of your organizations LDAP.  For example, if an administrator is required to test functionality, or an external body require temporary access for audit purposes.

Enabling and Disabling LDAP Management for Specific Users and User Groups

By default, if LDAP is enabled then user accounts will be automatically managed by LDAP. User groups are not managed by LDAP unless specifically flagged.

1.Select Tools > Users > User Accounts.

2.Right-click the user and choose Properties.

3.Select or clear the This account is not to be managed via LDAP check box.

1.Select Tools > Users > User Accounts.

2.Right-click the user group and choose Group Properties.

3.Select the This group is managed via LDAP check box.

4.Enter the distinguished name (DN) for the user group (this must match the corresponding directory server group name).

To disable LDAP management, clear the This group is managed via LDAP check box.

Note: If LDAP is enabled you cannot disable LDAP management for the main user group roles.

Note: LDAP group members that are not found will be skipped and will not be included as part of the synchronized group.

The Admin Utility allows you to enable or disable the Ignore LDAP flag for specific user groups. This is useful if you want some groups to use a separate Nimbus® user name and password to log in, and some groups are to be managed by LDAP.

1.Run the Admin Utility (AdminUtil.exe, found in the Utilities folder on the CD Image)  

2.From the Tools menu choose Toggle Ignore LDAP.

3.Select to set the Ignore LDAP flag to On or Off

4.Select the check boxes of your user types, and then click Apply.

Note: LDAP group members that are not found will be skipped and not included as part of the synchronized group.