Synchronizing with a Network Directory Service

Previous  Home topic  Next  Print this topic Send Feedback

If you manage a directory of users on your network outside of PerfectForms™, you can use the synchronize option to dynamically update PerfectForms™ with the contents of your directory. Note that changes to users in PerfectForms™ cannot be migrated back out to your directory at any point; synchronization is a one-way process. The PerfectForms™ system still maintains its own database of users. For each user, only a single unique identifier (e.g. Distinguished Name, or UID) is stored in its database.

 

When a user logs in, their credentials are verified in the Directory Service. If the authentication is successful, the user is logged in based on the mapping of the single identifier. If the user does not already exist in the PerfectForms™ database, a new user is automatically created in the PerfectForms™ database. This means that every user in the Directory Service is automatically a PerfectForms™ user, even if there is no entry yet in the database.

 


Note: If you attempt to synchronize when using a self signed certificate the synchronization will fail. In these cases go to the Account Settings and select the option to Ignore SSL certificate errors.


 

To synch your directory to PerfectForms™:

 

Document Icon

1.Go to the Settings Dashboard.
2.In the tree, expand Account Settings > Users > Synchronize.
3.In the details area, configure the call to the directory service. Enter the directory service's host machine IP address, port, and other connection credentials. (** See Note below)

Synchronize Page

4.In the Look Up area, enter the context distinguished name (Context DN) from active directory. Optionally, specify a filter (for example, CN=a* which only returns entries where the common name starts with 'a').
5.In Attributes Mapping, sample attributes are supplied but you must enter the Unique ID attribute exactly as it appears in your active directory structure. The attribute name in your system is also needed for First Name, Last Name and Email (for example, userPrincipalName).
6.Optionally, you can automatically assign users to a user-group and/or position. Select the corresponding Synchronize check box under each of those sections and enter the active directory attribute name that contains that information.
7.Optionally, assign a default log-in type. Limited User is selected by default since this option does not use up a license.
8.Additional attributes can be mapped including Domain Username, Phone, Custom ID and more.

Note: If the page does not show all options, you may need to expand the Dashboard. To do this, click the handle on the right side of the page and drag to the right.


9.Click Apply Changes.
10.Click Test Connection. If your connection is not successful, you may have entered incorrect information in the Connection area. Verify your Host IP, Port, and binding.

Video Tutorial: Synchronizing with a Network Directory Service

 

Importing a form Video Tutorial

 

Shows how to synchronize with LDAP directory service to maintain and update user details

 

 

 

 

 


Note **:

When the Directory Service's host machine is accessed from outside its internal network it should have its own external IP address or the external IP address should be forwarded to its internal IP address. The PerfectForms™ On Demand server will always be outside the Directory Service's host machine's network.


 


Updated: 20/09/2013  Page url: http://www.perfectforms.com/Documentation/manual/html/?fg_synchronizing_users__user_grou.htm
PerfectForms™ -- forms software, workflow software, and business process management