Directory
Before getting started, here is the documentation on the SSO/LDAP mode integrated to SAFE X3:annex documentation.
This function is used to declare a LDAP directory which is take into account if the SSO mode is activated.
Two types of information are declared in this function:
LDAP connection
This panel contains the way in which the connection to the directory is made (the name of the LDAP server, a port number, an access account and a password).
Two additional setup fields define how to inquire the directory.
Field mapping
There is a correspondence between the fields of the LDAP directory and the fields of the X3 user record or the user setup values.
Four field types exist:
Identifier of a LDAP directory element
The X3 field in the user record ADDNAM is a unique identifier in X3 and in the directory. It must have the type 'Identifier' and is associated by default with the directory field distinguishedName.
Second identifier
Case where the setup valueSSOREFMAJ is equal to 1:
When the field of type 'identifier' is not updated in the field ADDNAM of the user record, this second identifier is taken into account to match in a unique way a X3 user with a directory user.
As a general rule, the login field of the X3 user record which will be linked to the field sAMAccountName of the directory is used.
Case where the setup valueSSOREFMAJ is equal to 2:
The search is first performed with the field of type 'identifier 2' and then with the field of type 'identifier'.
Record
This is a field from the X3 user record, which will be updated from the directory.
Setup
This is the value of a user setup, which will be updated from the directory.
Field mapping example
Type | X3 field | Title | Directory field |
Identifier | ADDNAM | AD reference | distinguishedName |
Record | NOMUSR | Name | DisplayName |
Record | ADDEML | Email address | |
Identifier 2 | LOGIN | Login | sAMAccountName |
Record | OBJGUID |
| objectGUID |
Setup | DATSTADEB | Statistics start date | WhenCreated |
Prerequisite
Refer to documentation Implementation
Screen management
Entry screen
Presentation
Two blocks need to be entered: the first one contains the configuration information that enables SAFE X3 to dialog with the directory, the second one defines the information exchanged during this stage.
Close
Fields
The following fields are present on this tab :
Block number 1
| This code identifies the created records in a unique manner. |
| Destined notably to figure in the reports and the screens in which the record code can be entered or selected. This text is used to give a clear description to the record concerned. |
| This check box is used to activate or deactivate the current record without losing its content. A deactivated record cannot be used (by calling its code) in other records (documents, setups, etc.) or during mass processings. The authorizations for a given function can prohibit the creation of an active record. In this case, the box is cleared by default and it can only be modified by an authorized user or via a signature circuit defined by Workflow. |
Configuration
|
|
|
|
|
|
|
|
|
|
Table Mapping
|
|
|
|
|
|
Close
Specific Buttons
This button is used to generate the processing which will be used to access the directory when connecting to SAFE X3. |
Menu Bar
Options / Password deletion
Is used to modify the password in the directory.
Options / Test
Presentation
This is used to test the connection to the LDAP directory.
And then to carry out a LDAP query by setting up the fields of the directory which are to be recovered.
Close
Fields
The following fields are present on this tab :
Block number 1
|
|
|
Table Columns
|
|
|
Close