ExtraView can be configured to use an LDAP directory for details of users. This is optional, and is controlled by the same behavior setting that signifies whether SSO is turned off or on (SSO_STATE). See the section on Single Sign On within this guide for more information.
LDAP Server Information
Once again, see above for the ExtraView behavior settings that control the connection. In addition, the ExtraView configuration file Configuration.properties specifies the parameters required to access the LDAP server.
There is an assumption that only a single LDAP server will be configured. The following information also assumes that the administrator is familiar with the configuration of LDAP servers.
In the ExtraView configuration file, the following fields will be mapped to matched the host LDAP data structures:
######################### ## LDAP SEARCH MAPPING ## ######################### LDAP_PRIMARYKEY = primary_key LDAP_SURNAME = surname LDAP_GIVENNAME = given_name LDAP_COMMONNAME = common_name LDAP_DISTINGUISHEDNAME = distinguishedname LDAP_EMAIL = email_address LDAP_STREET = street_address LDAP_CITY = city LDAP_STATE = state LDAP_POSTALCODE = postal_code LDAP_COUNTRY = country_name LDAP_PHONE = telephone_number LDAP_MOBILE = mobile_number LDAP_PAGER = pager_number LDAP_COMPANYNAME = your_companyname |
ExtraView maps the following LDAP fields, if they are configured for use and if they are accessible in LDAP by ExtraView.
ExtraView Field | LDAP Field | Mapped | Comments |
User ID | LDAP_PRIMARYKEY | Yes | Used for login and user authentication |
First name | LDAP_GIVENNAME | Yes | |
Last name | LDAP_SURNAME | Yes | |
Password | LDAP_PSWRD | Yes | Used for login and user authentication. Note that the password is used only when inserting a new user via LDAP connection, and only if the CUSTOM_AUTHENTICATION behavior setting is set to NO. |
Expire password | NA | No | |
User Roles | NA | Optional | May use rule mapping to map this field |
Privacy Groups | NA | Optional | May use rule mapping to map this field |
Set Default Area | NA | Optional | May use rule mapping to map this field |
Set Default Project | NA | Optional | May use rule mapping to map this field |
Email address | LDAP_EMAIL | Yes | |
Date Format | NA | No | |
Time in 24 Hour Format | NA | No | |
Drilldown Report format | NA | No | |
Time zone | NA | Yes | |
Notify on own updates | NA | No | |
Job title | NA | Yes | |
Company name | LDAP_COMPANYNAME | Yes | This is not used in the mapping |
Address | LDAP_STREET | Yes | |
City | LDAP_CITY | Yes | |
State / Province | LDAP_STATE | Yes | |
Zip / Postal Code | LDAP_POSTALCODE | Yes | |
Country | LDAP_COUNTRY | Yes | |
Work phone | LDAP_PHONE | Yes | |
Home phone | NA | Yes | |
Cell phone | LDAP_MOBILE | Yes | |
Fax | LDAP_FAX | Yes | |
Pager | LDAP_PAGER | Yes | |
Any UDF field | A distinguished Name | Yes | |
User Expired | NA | Yes | Value is used but not saved locally within ExtraView |
Session expiration limit | NA | No | |
It is supported to map the same LDAP schema name to multiple ExtraView configuration properties, for example:
LDAP_PRIMARYKEY = uid LDAP_EMAIL = uid
Note: The fields in bold in the above table are typically mandatory in ExtraView.
Note: Most of the ExtraView fields are accessible through the user administration screens.
Note: ExtraView user role information is not stored in the LDAP server.