This requires being connected to your server.
What it Does:
- Adds users
- Users who are added by PAP are given a role
- primary group
- secondary group
What it Does Not Do:
- Remove users
- Implement LDAP integration (*This needs to be set up separately)
- Secure which users will get added. Anyone that: has access to the URL, supplies their network username and password, and is LDAP authenticated, will be given access to iDashboards provided there is an available license (related to #2)
- Control the number of licenses that get taken up (related to #3)
- SSO
- Does not map iDashboards groups to LDAP groups
Please add the following lines to the ivizgroup.properties file to properly configure PAP: All lines are commented out with the # symbol. Please remove the # symbol in order for the iDashboards server to read those lines.
#PostAuthenticationProcessor code below#PostAuthenticationProcessor=com.ivizgroup.idb.extension.user.LDAPUserSynchronizer
#PostAuthenticationProcessor.connectionURL= ldap://<domain name>:389
#PostAuthenticationProcessor.userBase=dc=example,dc=com
#PostAuthenticationProcessor.userSearch=(sAMAccountName={0})
#PostAuthenticationProcessor.reload=false
#PostAuthenticationProcessor.addUser=true
#PostAuthenticationProcessor.updateUser=true
#PostAuthenticationProcessor.default.USER_ROLE=<N, A, U, V>
#PostAuthenticationProcessor.default.PRIMARY_GROUP_ID=<Primary Group ID>
#PostAuthenticationProcessor.default.SECONDARY_GROUP_IDS=<Secondary Group ID>
#Other optional additions to the code:
#PostAuthenticationProcessor.userSearch=(uid={0})
#PostAuthenticationProcessor.userSearch=(cn={0})
#PostAuthenticationProcessor.userSubtree=
#PostAuthenticationProcessor.referral=follow
#PostAuthenticationProcessor.connectionName=<username to connect to AD>
#PostAuthenticationProcessor.connectionPassword=
#PostAuthenticationProcessor.userSearchModifiers=com.ivizgroup.extension.modifiers.BackslashStringModified
Warning:
In smaller user account quantities the Post Authentication Process can cause your user that has been successfully authenticated in LDAP to not gain access to iDashboards if no licenses are available. This can result into a poor user experience. To avoid this make sure you are properly licensed for the maximum amount of users your organization may use at any given time. If you need to increase your number of licenses please contact your Client Success Manager.
Disclaimer: iDashboards Technical Support Engineers are not Active Directory Administrators (ADA) who know in depth knowledge. We often learn these skills on the job and have limited knowledge. We do our best to help you with your software in determining if: you are not leveraging the software in the best way for your data or you found a bug in the software, because we want to assist you in your success.
If the above is unable to resolve the issue, then please contact Your Organization's Active Directory Admin for further assistance and if unable to resolve internally then contact iDashboards Support for further assistance.
Comments
0 comments
Please sign in to leave a comment.