Using LDAP Integration for User Management
- Persia Xenopoulou (Deactivated)
Back to User Management Main Page
Table of Contents
Navigating to LDAP Integration
FOUNDATION > USER MANAGEMENT > LDAP INTEGRATION
What is LDAP Integration?
Lightweight Directory Access Protocol (LDAP) is an application protocol for communicating with, and querying and modifying items in, a Directory Service provider such as Active Directory (a Directory Services Database).
CRM.COM integration with LDAP/Active Directory makes it possible to import and manage Active Directory Users in CRM.COM. The following actions are available through LDAP Integration:
- Import Users from Active Directory and map to existing or new CRM.COM Users.
- Un-map CRM.COM Users from Active Directory Users.
- Warn Users through CRM.COM regarding password expiration in Active Directory and inform of possibility to Change Active Directory password via CRM.COM.
- Navigate to LDAP Integration and explore existing LDAP Users via the respective tab.
- Use the Search Criteria to search for the User to update.
- Select the Users to Update by checking the checkbox on the left of the Username and apply one of the following Actions:
- Un-map
- Map
- Create User
- Click on Actions > Import to import new Users through the Active Directory.
Check the Validations & Restrictions Table for a list of available Actions when working with LDAP Integration, including each Action's related restrictions and validations. View the Attributes Table below for a comprehensive description of the LDAP Integration fields.
Validations & Restrictions
| Action | Restrictions |
|---|---|
| Any LDAP related action | To use an action related to LDAP Users the User Authentication Settings - Authentication Policy must be configured to Authenticate using LDAP. |
| Import Users |
|
| Map |
|
| Un-map |
|
| Create Users |
|
LDAP Attributes
| Name | Description |
|---|---|
| Main Information | |
| Users Imported | Totalnumberofimported Users. |
| Users Mapped | Totalnumberofmapped Users. |
| Users Activate | Totalnumberofactivated Users. |
| Security Groups Imported | Totalnumberofimported Security Groups. |
| Domains Used | Totalnumberofused Domains. |
| Domains Imported | Total number of imported Domains. |
| Latest Import Date | The latest date on which Users were imported. |
Person Name | The person name of the LDAP User in Active Directory/LDAP. |
| LDAP Users | |
Username | The username of the LDAP User in Active Directory/LDAP. |
| Person Name | The Name of the User. |
Security Group Name | The LDAP User's Security Group (available through Active Directory). |
CRM.COM Username | The LDAP User's Username in CRM.COM. |
Is Mapped | Indicates whether the LDAP User is mapped to a User account in CRM.COM. |
Is Active | Indicates whether the LDAP User is 'Active' or not. |
Available Actions for LDAP Integration
The Action to Import Users is available from the Top Menu.
The Actions to Map, Un-Map and Create new Users are available from the LDAP-USERS Section.
Import Users
- Navigate to LDAP INTEGRATION.
- From the Actions Menu click on ACTIONS > IMPORT USERS.
- From the Import LDAP Users modal select the Security Group by clicking on the drop down list.
- Click on SUBMIT.
- Once the Users are imported in CRM.COM they can be viewed in the LDAP-USERS Tab.
Mapping Imported Users to CRM.COM Users
Once the LDAP Users are imported and become available in CRM.COM they can be mapped to CRM.COM Users with the following procedure:
- Go to the LDAP-USERS Tab.
Select the User you want to map.
• Use the criteria to search for the Users to be un-mapped.
• Only one User can be mapped at a time.- From the Menu click on ACTIONS > MAP.
- Using the modal window, search for the CRM.COM User to be mapped to the LDAP User.
- Click on SUBMIT.
Creating new CRM.COM Users from Imported Users
Once Users are imported and available in CRM.COM, they can be used to create CRM.COM Users. The process enables the creation of multiple Users at a time.
- Go to the LDAP-USERS Tab.
Select the Users you want to create in CRM.COM.
• Use the criteria to search for the Users to be un-mapped.
• Multiple Users ca be created at a time.- Click on ACTIONS >CREATE USERS.
- Follow the process as described in Bulk Users Creation.
Un-map Users
There is the option to remove the mapping between LDAP Users and their CRM.COM User account. This results in LDAP Users being no longer able to login to CRM.COM using Active Directory credentials and having to use their CRM.COM User accounts credentials.
The un-mapped LDAP Users can be consequently mapped to another CRM.COM User account, as the LDAP User information is kept in CRM.COM even if it is not mapped to an Account.
- Navigate to LDAP INTEGRATION.
- Go to the LDAP-USERS Tab.
Select the User to un-map by checking the checkbox on the left of the Username.
Use the criteria to search for the Users to be un-mapped.
- Click on ACTIONS >UNMAP.
Password Ageing Warning
User Accounts imported from Active Directory can be handled through CRM.COM. The System is responsible for informing Users about their Active Directory Password Expiration. The Expiration Date is retrieved through Active Directory.
Upon logging in, CRM.COM displays a warning message informing the User of the number of days left until their password expires. The Users can then follow one of the processes described in Managing Users for updating their Passwords.