The Users tree branch contains information about all configured user groups. Cleo VLNavigator supports authenticating users using its own database or using a directory service via LDAP. A non-LDAP user with administrative privileges, such as the default administrator user, should be defined in case the LDAP server is not functional.
Configuring the Cleo VLNavigator LDAP server
Use the LDAP Server tab in Cleo VLNavigator to configure the LDAP server to authenticate internal administrators and operators of the Cleo VLNavigator and VersaLexapplications.
Default LDAP group
On the LDAP Server tab, when an LDAP directory service is configured, the optional Username and Password fields are specified, Create/Maintain Default LDAP Group is selected, and Apply is clicked, a special user group called Default LDAP will appear under the Users tree. The Default LDAP group is a convenience group, provided as an easy way to add many users at one time. The users within this group will correspond to those shown when List is clicked (not including any users that already exist within other VLNavigator user groups).
Once created, the Default LDAP group can be disabled, refreshed, or removed by right-clicking the user group within the tree pane and selecting Disable, Refresh, or Remove. IfRemove is selected, Create/Maintain Default LDAP Group cleared for you and the group is removed. Another way to remove the Default LDAP group is to clear Create/Maintain Default LDAP Group and click Apply.
The users within the Default LDAP group cannot be edited or disabled; however, they can be moved to another user group by right-clicking on the user within the tree pane and selecting Move.
Cleo VLNavigator LDAP server configuration reference
- Enabled
- Select the check box to enable LDAP connections to the configured server. Clear the check box to disable LDAP connections. When this check box is cleared, LDAP users are not able to log in.
- Directory Type
- The product used for the external LDAP directory service.
- Security Mode
- If the directory server requires use SSL, specify a security mode. Otherwise, select None.
Cleo VLNavigator LDAP domain configuration reference
- Lookup
- Select the check box to use the value in the Domain field for retrieving SRV (Service) records for the LDAP service cluster.
- Domain
- The name of the domain from which you want to retrieve SRV records.
- SRV record table
- The SRV record table displays information about SRV records. Each row in the table represents one SRV record. Each row contains the following columns:
- Base DN
- The base organizational unit where the users are defined. Contact your directory administrator for the correct Base DN value. (The Base DN value entered here can be overridden in a local user host LDAP mailbox.)
- Search filter
- Optional. Used to limit the amount of information returned from the LDAP server when many users are defined. A more restrictive filter can be specified as a comma separated list. If necessary, contact your directory administrator to determine the appropriate attributes and values. You can override the value entered here in a local user host LDAP mailbox.
- Username Attribute
- The Username Attribute is the directory attribute that matches the username entered when a login is required. The following table contains typical attribute names for the supported directory types.
- LDAP Server Advanced Settings
- The LDAP Server Advanced Settings dialog box displays when you click Advanced on the LDAP Server tab. Use this dialog box to specify values for password expiration checking.
- Enable Password Expiration Checking
- Select this check box to enable password expiration checking and the rest of the fields in the dialog box. Password expiration checking provides a daily email notification to the system administrator.
- Warning Days Before Password Expiration
- The range of days within which a notification is generated.
- Daily Time Check
- The time of day password expiration is checked.
- To
- The email address of the recipient of the daily password expiration check notification. You can specify multiple recipients. Separate email addresses by commas (,), semi-colons(;) or colons(:).
- From
- The email address of the sender of the daily password expiration check notification. If this field contains multiple email addresses, only the first address is displayed.
- Subject
- String that appears in the Subject field of the daily password expiration check notification.
Cleo VLNavigator LDAP user configuration reference
- Email Address Attribute
- Required field. Attribute name for a user's email address.
Note: If you do not specify the Email Address attribute and you have LDAP users who try to reset a password via email, the application will not send password-reset emails.
- Phone Attribute
- First Name Attribute
- Last Name Attribute
- Full Name Attribute
- Optional fields. Other options might depend on the values you specify for these fields.
- User UID Attribute
- Required field.
- LDAP Account for Extracting Users
-
- Username
- Password
- Credentials used to login to extract LDAP user from the LDAP directory service to populate the optional default LDAP user group or when you browse for users on the Cleo VLNavigator User tab. In addition to the List button here and in each of the local user host mailbox LDAP tabs, this account is used to periodically extract users in order to check mailbox license limits and to create user subdirectories.
- Create/Maintain Default LDAP Group
- Select the check box to create the optional Default LDAP user group. Clear the check box to remove the Default LDAP user group.
Comments
0 comments
Please sign in to leave a comment.