Microsoft Active Directory

]po[ supports integration with Microsoft Active Directory  which is part of Microsoft Windows Server. The integration allows for both authentication and import of users.

Import of User Data

The following LDAP fields are used for the ]po[ user base information.

In the second line of every field we use example values of "Peter Pan <ppan@milkyway.com>" and specify where the LDAP vales are stored in the ]po[ database (table.column).

  • givenName:
    "Peter" -> person.first_names
  • sn (LDAP surname):
    "Pan" -> person.last_name
  • mail:
    "ppan@milkyway.com" -> party.email.
    Please consider that party.email is a "unique" field, so that you can't have two users with the same email. During the LDAP import, a data of a second user will overwrite the data of a first user with the same email.
  • displayName:
    "Peter Pan" -> users.screen_name
  • sAMAccountName (LDAP Windows account name):
    "ppan" -> users.username
    Please consider that users.username is a "unique" field, so that you can't have two users with the same username. During the LDAP import, a data of a second user will overwrite the data of a first user with the same username.
  • wWWHomePage (LDAP user's home page):
    "www.milkyway.com"  -> party.url 
  • userAccountControl:
    Controls whether a user has been disabled in Active Directory. The AD value "514" indicates a disabled users. ]po[ will set the user status to "banned" for these users.

Employee information:

  • department (LDAP department name):
    "Sales" -> im_employee.department_id
    ]po[ will create new departments during the import with the specified department name. You can update the department hierarchy in Admin -> Cost Centers.
  • company (LDAP company name):
    Name of the user's company. ]po[ will search in the list of companies for a matching company name or company path (ignoring upper/lower case). Please study the configuration information about how to setup companies in ]po[.

User telephone information:

  • telephoneNumber:
    "+1 234 567 890" -> users_contact.work_phone.
  • mobile (LDAP mobile phone number):
    "+1 345 678 901" -> users_contact.cell_phone
  • facsimileTelephoneNumber (LDAP fax number):
    "+1 456 789 012" -> users_contact.fax
  • pager (LDAP pager number):
    "+1 567 890 123" -> users_contact.pager.

User address information:

  • streetAddress:
    "Milkyway Roadway, 123" -> users_contact.wa_line1
  • l (LDAP city):
    "Milkycity" -> users_contact.wa_city
  • countryCode:
    "us" -> users_contact.wa_country_code
  • postalCode (LDAP ZIP code):
    "01234" -> users_contact.wa_postal_code
  • st (LDAP state):
    "OR" -> users_contact.wa_state

LDAP Driver Configuration

Please see the auth_ldap_adldapsearch package for details of the Active Directory driver configuration.

  Contact Us
  Project Open Business Solutions S.L.

Calle Aprestadora 19, 12o-2a

08902 Hospitalet de Llobregat (Barcelona)

Spain

 Tel Europe: +34 609 953 751
 Tel US: +1 415 200 2465
 Mail: info@project-open.com