Configuring LDAP Sync

The LDAP Sync configuration is stored in the xml file LDAPSync.xml, defaults.xml and optional configuration files for client settings.

LDAPSync.xml contains the following three elements:

Element	Type	Required	Description
Connection	Complex	Yes	LDAP connection configuration
AE	Complex	Yes	AE connection configuration
Clients	Complex	Yes	Configure the path to the mapping configurations and the default settings for each client See also: Configuring Client Settings

Element

Type

Required

Description

Connection

Complex

Yes

LDAP connection configuration

Complex

Yes

AE connection configuration

Clients

Complex

Yes

Configure the path to the mapping configurations and the default settings for each client

See also: Configuring Client Settings

Connection Element Attributes

LDAP specific settings required for connectivity.

Setting	Type	Default	Required	Description
serverName	String		Yes	The name of the LDAP server Example: `MyCompany AD02`
directoryType	Option	AD	No	The directory type Possible values are: AD or `other`
url	String		Yes	The IP address of the LDAP server or its fully qualified domain name and communication port on which the LDAP server listens You can specify multiple servers: separate url entries with a comma. The first server where a connection can be established is used. Example: `ad01.mycompany.com:389,ad02.mycompany.com:389`
useSSL	Boolean	false	No	Enable SSL for the LDAP connection as follows: true: SSL enabled false: SLL disabled Note that you will need to configure an SSL certificate before using this setting.
connectionTimeout	Number	0	No	The time to wait for an LDAP connection to open in seconds If you do not want to set a timeout, set to 0 (zero).
retryConnect	String	10	No	Number of times that LDAPSync tries to reconnect to the LDAP server if the connection is shut down.
username	String		No	The user credentials for an LDAP account with read access to the LDAP directory levels from which you want to import users Examples: cn=administrator,cn=users,dc=ad,dc=example,dc=com cn=user,dc=domain,dc=name user@domain.name
password	String		No	The password for the user specified in username You enter or modify the password as plain text. It will be encrypted during the next synchronization run and stored in the configuration file as encrypted password. Special characters must be escaped in order to comply with the xml standard.
readTimeout	Number	120	No	The time to wait for a response from the LDAP service in seconds. If you do not want to set a timeout, set to 0 (zero).
searchTimeout	Number	60	No	The time to wait for a search result from the LDAP service in seconds. If you do not want to set a timeout, set to 0 (zero).

Example:

<Connection serverName="MyCompany AD02"
            directoryType="AD"
            url="mycompanyad02:389"
            useSSL="false"
            connectionTimeout="0"
            readTimeout="120"
            searchTimeout="60"
            username="mydomain\myuser"
            password="mypassword" 
/>

AE Element Attributes

Configure the connectivity to the Client 0 of the AE.

AE configuration is required for the synchronization for all clients of the AE.

Setting Type Required Description

String

Yes

Setting	Type	Required	Description
cp	String	Yes	The address of the communication process in the AE Allowed formats: DNS Name:Port number Example: `vwgae10:2217` TCP/IP Address:Port number Example: `192.168.0.1:2217`
username	String	Yes	Username and department of the AE user which is used to update/create the user objects in the clients The user must exist in client 0. The user also requires permissions to create and update all users of all clients. Example: `UC/UC`
password	String	Yes	Password for the AE user the user specified in username You enter or modify the password as plain text. It will be encrypted during the next synchronization run and stored in the configuration file as encrypted password.

The address of the communication process in the AE

Allowed formats:

DNS Name:Port number
Example: vwgae10:2217
TCP/IP Address:Port number
Example: 192.168.0.1:2217

username

String

Yes

Username and department of the AE user which is used to update/create the user objects in the clients

The user must exist in client 0. The user also requires permissions to create and update all users of all clients.

Example: UC/UC

password

String

Yes

Password for the AE user the user specified in username

You enter or modify the password as plain text. It will be encrypted during the next synchronization run and stored in the configuration file as encrypted password.

Example:

<AE cp="192.168.0.1:2217"
    username="UC/UC"
    password="UC"
/>

Clients Element Attributes

You must specify where the default settings for all clients are located and from which folder the client settings are taken.

Setting	Type	Required	Default	Description
path	String	Yes	clients	The absolute or relative path to the folder containing the default configuration file and optional individual client configuration files Default: folder "clients" relative to the main configuration folder
default	String	No	defaults.xml	The name of the default configuration file which is used to set default values for all configured clients You can overwrite the default configuration with specific client settings for a specific client number. See also: Configuring Client Settings.

Setting

Type

Required

Default

Description

path

String

Yes

clients

The absolute or relative path to the folder containing the default configuration file and optional individual client configuration files

Default: folder "clients" relative to the main configuration folder

default

String

defaults.xml

The name of the default configuration file which is used to set default values for all configured clients

You can overwrite the default configuration with specific client settings for a specific client number. See also: Configuring Client Settings.

Example:

<Clients
    path="clients" 
    default="defaults.xml"
/>