Directory Services (LDAP) Connections

PerfectForms™ Help Guide > Administering and Integrating PerfectForms™ > Administering Connections and Integration > Creating PerfectForms™ Connections >

PerfectForms™ allows you to connect to a directory service using LDAP (Lightweight Directory Access Protocol). PerfectForms™ does this by communicating with the connection agent which ensures that security concerns are addressed.

Directory services functions in a very similar way to the database connections.

Interactive Example

For a demonstration of a database connection used in a form, see the Database Lookups Examples topic (available only in the online version of this help guide).

The connection agent details will usually be the same as for the database connections. However, if you have databases or directory services at different physical locations then you may also have different connection agents installed.

We suggest the use of an LDAP tool if you do not already have one. This lets you explore your directories before you begin the detailed configuration. If you are already familiar with your LDAP setup then this is not necessary. OpenLDAP from http://www.openldap.org/ and http://ldapadmin.sourceforge.net/ are examples of such a tool. Reference the LDAP Lookups Examples topic if you would like to see an example of how the PerfectForms™ application can connect to an LDAP server.

The following steps need to be followed on the connection agent in order to prepare it to receive requests from PerfectForms™.

1.	Locate the Tomcat 6.0\webapps\PerfectFormsAgent\WEB-INF folder. Look for config.xml and open it for editing.

2.	Within the <datasources> element, add (or edit) a <datasource> element as follows:

<datasource name ="My LDAP" id="<unique id number>" server="<IP address or Server Name>" port="389 or

636 type="ldap"> <database name ="LDAPServerName" id="<unique id number>" db="<Distinguished

Name>" user="<Your LDAP User Name>" password="<LDAP User Password>" login="<Agent Login Name>" />

</datasource>

For the <datasource> element:

name: This name will appear as a Connection Name within PerfectForms™

id: Should be unique within the <datasources> element

server: This is the actual LDAP server name

port: For LDAP servers not requiring SSL access, use 389. If your LDAP server uses SSL then you should specify 636 (unless you have configured your server otherwise)

type: Always use "ldap"

Within the <database> element:

name: Name or IP Address of your LDAP server

id: This is a unique id text or number within this LDAP <datasource> element

db: This is the distinguished name of the LDAP server you wish to access. For example: "DC=DomainCatalog,DC=AnotherCatalog,..."

user: A valid LDAP user name (LDAP user must have administrative permissions in order to execute UPDATE, INSERT, DELETE actions)

password: The user name's password

login: Use "*" if any connection agent login name is acceptable. If you want to restrict users, then supply one or more login users separated by ','. The login names are those defined at the top of the config.xml within the <logins> element

1.	Log in to PerfectForms™. You must have administrative rights.

2.	Go to the Connections Dashboard.

3.	Click the New button and select Directory Service Connection. PerfectForms™ displays a new, empty connection.

4.	Enter the Name of this connection. This is how form designers will identify the connection, so it should be a meaningful name.

5.	Assign permissions. Choose the users or groups for whom permission will be granted. For more information, see the Connection Permissions topic.

6.	In the Details area, specify the URL of the connection agent.

7.	Enter a valid connection agent <login> Username and Password.

8.	Assign a Timeout setting if something other than the 60 seconds default is warranted for the connection.

9.	If you want this connection to be secure and you already have PerfectForms™ running in secure mode, check the Use Proxy (for SSL) check box. Click Check to verify the connection is functioning given the URL and credentials.

10.	Select the LDAP Datasource from the drop-down list and then the Distinguished Name from the drop-down list below it.

11.	Click Apply Changes to save the new connection. The screen will now show two new buttons: New Action and Delete.

Note: For additional information see Defining Connection Actions.

12.	Required: Click the New Action button to define a specific action within this LDAP Datasource. PerfectForms™ displays a new empty connection action.

13.	In most cases you will be performing lookups into LDAP. From the Type drop-down choose the SELECT action.

14.	You can enter the Distinguished Name to specify where the LDAP search should take place.

15.

In the Send Parameters section, enter any LDAP field names that should be sent to the connection agent. If you are performing a lookup, this will be the lookup field name such as the e-mail address or authenticated user name. When PerfectForms™ loads a form, the authenticated User ID is passed into the form and can be used to perform lookups into databases or, in this case, LDAP.

16.	The Return Parameters section lists the LDAP fields that are returned from the lookup (if you are performing one). These can then be mapped into form fields.

17.	In the Form Designer, add a Connect or Connect and Search behavior to any form object that should initiate this connection.

Note: Refer to the Calling the Connection from a Form topic for information on how to perform lookups and other integration actions from within a form.

Updated: 06/12/2011 Page url: http://www.perfectforms.com/Documentation/manual/html/?directory_services_ldap.htm
PerfectForms™ -- forms software, workflow software, and business process management