Use the Active Directory / Lightweight Directory Access Protocol (AD / LDAP) Connections settings to discover and import client AD / LDAP information from the client Microsoft Exchange or LDAP server. AD / LDAP Connections can perform bulk data imports of AD and LDAP directories that speeds up the client setup process and greatly reduces manual input errors. You can use the AD/LDAP Connections to synchronize Web Help Desk user information with the latest information on your Microsoft Exchange or LDAP server.
LDAP is a protocol that creates a central user database for single sign-on (SSO), allowing you to access resources and services in a network. LDAP implementations use self-signed certificates by default. To use a trusted certificate issued by a Certificate Authority (CA), you can import the certificate into your Java key store.
You can establish a secure connection from Web Help Desk to an LDAP server by selecting the SSL check box. To accept certificates issued by a CA, select the Accept only trusted Certificates check box. When selected, Web Help Desk verifies the host LDAP certificate against the certificates in your Java key store. If Web Help Desk detects a certificate that is not signed by a trusted CA or uploaded to your Java key store, Web Help Desk generates a warning in the user interface and does not store the LDAP connection.
s file contains the name, password, and location of your Java key store. This file is located in the following directory:
To update these parameters, edit the file with your new settings, save the file, and then restart Web Help Desk. See Keystore Settings (for SSL Connections) for more information.
When you import your AD/LDAP connections, use the following conventions:
To connect to a client LDAP server and import or synchronize users:
To update an existing connection, click the connection name to open it, and then click to edit.
To avoid affecting network performance, schedule the synchronization for a time when the network is least busy.
The client's last name, user name, and email must be mapped. If you are using the default schema, these fields are mapped automatically. For custom schemas, you must map these attributes manually.
Any field, including custom fields, can be mapped if the data is available in the schema.