aXsGUARD Identifier 3.0.2.0 Product Guide v1.5
LDAP User Synchronization
14
LDAP User Synchronization
14.1
Overview
LDAP User Synchronization
can be configured in the
Configuration Tool
and
supports automatic creation and
updating of User Accounts on the aXsGUARD Identifier from records stored on an LDAP Server. (Other methods of
User Account creation using the
Administration Web Interface
include creating User Accounts manually,
importing User Accounts, and Dynamic User Registration: see section
.
LDAP User Synchronization
is the process of synchronizing records from an LDAP Server,
not
the process of
authenticating with an LDAP Back-end Server. For information on LDAP Back-end Authentication please see
section
Replication
is the process of replicating data between separate aXsGUARD Identifiers. For information on
Replication, please see section
In the following sections, we explain the concepts of:
Synchronization Profiles
Synchronization Profile IDs
Creating and updating User Accounts
Deleting User Accounts
Synchronization frequency
Using multiple Synchronization Profiles
Managing source and destination hierarchies, and
Some special cases which require attention.
LDAP User Synchronization is not server-specific and therefore requires configuring specifically for different LDAP
Servers. Example configurations (e.g. for Microsoft Active Directory 2003 or 2008 and Novell e-Directory) are
described in the
aXsGUARD Identifier Installation Guide.
14.2
LDAP Synchronization Profiles
To set up a synchronization requires:
configuration of general synchronization settings
creating a filter to retrieve the source User Accounts to be synchronized
mapping of (source) LDAP User Account Attributes to the appropriate (destination) aXsGUARD Identifier User
Account properties.
These configurations define the
Synchronization Profile
in the
Configuration Tool
.
©
2009 VASCO Data Security
81