The Lightweight Directory Access Protocol (LDAP) is a network protocol for querying and modifying user and address data, together with their attributes, stored in a database.
KentixONE has an integrated LDAP client that can interact with an LDAP server on which the user and address data are stored in a database.
LDAP server
To import data from the LDAP server into KentixONE, the IP address of the server and the port number are required. If the communication between client and server is to be encrypted, the SSL encryption mode must be set both on the server and in KentixONE.
The data on the LDAP server is organized in a tree structure; an individual object in the database is uniquely identified by the Distinguished Name (DN).
The Base DN defines where in the tree the search for objects is to be started.
When the “Soft Delete” function is activated, users already imported into KentixONE who are later deleted on the LDAP server are blocked rather than deleted.
Authentication
To import user data into KentixONE, the bind DN of an LDAP user with the appropriate authorization and that user's password are required. The bind DN tells the server which account is performing the access.
System authorizations
Currently, two LDAP user groups can be mapped to KentixONE user groups.
All users receive the authorizations that are assigned to the respective user group. These can be edited under the menu item User administration. In addition to the two groups, administrators can be imported separately from the LDAP server into KentixONE.
Attributes
To import the user data into KentixONE, the type designations of the attributes of the LDAP directory must also be assigned to the corresponding attributes in KentixONE.
Synchronization
Automatic synchronization offers the option of synchronizing the user data in KentixONE with the LDAP server at a specified interval.
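The Base DN, attribute assignment, and “Soft Delete” settings described above, modelled as one synchronization pass. This is an added example, not KentixONE code; the function names, the local field names (username, email), the "blocked" flag and the sample directory entries are assumptions constructed for illustration.

```python
import re

def rdns(dn):
    """Split a DN into lower-cased RDNs; a backslash-escaped comma does not split.
    Simplification: case-insensitive matching is assumed for all attribute values."""
    return [p.strip().lower() for p in re.split(r"(?<!\\),", dn) if p.strip()]

def under_base(dn, base_dn):
    """True if dn is the Base DN itself or lies below it in the tree."""
    d, b = rdns(dn), rdns(base_dn)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def sync(local, directory, base_dn, attr_map, soft_delete=True):
    """One synchronization pass; returns the new local user table keyed by normalised DN."""
    result = {}
    for entry in directory:
        if not under_base(entry["dn"], base_dn):
            continue  # outside the search base: not imported
        # Assign LDAP attribute names to the local field names
        user = {field: entry.get(attr) for attr, field in attr_map.items()}
        user["blocked"] = False
        result[",".join(rdns(entry["dn"]))] = user
    for key, user in local.items():
        if key not in result and soft_delete:
            # Gone from the server: keep the record, but block it
            result[key] = {**user, "blocked": True}
        # With soft_delete off, a user missing from the server is dropped
    return result

# Constructed sample data (hypothetical directory, not from a real server)
BASE_DN = "ou=staff,dc=example,dc=com"
ATTR_MAP = {"uid": "username", "mail": "email"}  # LDAP attribute -> local field (assumed)
DIRECTORY_T1 = [
    {"dn": "uid=alice,ou=staff,dc=example,dc=com", "uid": "alice", "mail": "alice@example.com"},
    {"dn": "uid=bob,OU=Staff,DC=example,DC=com", "uid": "bob", "mail": "bob@example.com"},
    {"dn": "uid=eve,ou=guests,dc=example,dc=com", "uid": "eve", "mail": "eve@example.com"},
]
DIRECTORY_T2 = [e for e in DIRECTORY_T1 if e["uid"] != "bob"]  # bob deleted on the server

if __name__ == "__main__":
    first = sync({}, DIRECTORY_T1, BASE_DN, ATTR_MAP)
    second = sync(first, DIRECTORY_T2, BASE_DN, ATTR_MAP, soft_delete=True)
    for dn, user in second.items():
        print(dn, user)
```

With soft delete on, the second pass keeps the removed user's record with the blocked flag set; with it off, the record disappears from the local table.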