Table of Contents

Search

  1. Preface
  2. Starting Data Archive
  3. System Configuration
  4. Database Users and Privileges
  5. Source Connections
  6. Target Connections
  7. Archive Store Configuration
  8. Datatype Mapping
  9. Database Optimization
  10. SAP Application Retirement
  11. z/OS Source Data Retirement
  12. Seamless Data Access
  13. Data Discovery Portal
  14. Security
  15. LDAP User Authentication
  16. Auditing
  17. Running Jobs from External Applications
  18. Upgrading Oracle History Data
  19. Upgrading PeopleSoft History Data
  20. Data Archive Maintenance
  21. Storage Classifications
  22. Appendix A: Datetime and Numeric Formatting
  23. Appendix B: Data Archive Connectivity

Administrator Guide

Administrator Guide

LDAP User Authentication Maintenance

LDAP User Authentication Maintenance

After you set up LDAP user authentication, use the LDAP directory service to manage subsequent changes, such as creating or deleting users or changing role assignments.
Use the following rules and guidelines for maintaining LDAP user authentication:
Creating users
When you create users in the LDAP directory service, run the Sync with LDAP Server job to synchronize users to Data Archive. If you enabled role assignment synchronization, then Data Archive automatically synchronizes the role assignments the next time users log in to Data Archive.
Deleting users
When you delete users in the LDAP directory service, users are not automatically deleted in Data Archive. However, users that are deleted in the LDAP directory service cannot log in to Data Archive. The role assignments are deleted from the user account the next time the user attempts to log in to Data Archive.
If you do not want a user to have authorization to log in to Data Archive, you can remove all of the roles from the user in the LDAP directory service or you can delete the user in the LDAP directory service.
Adding or removing role assignments
If you enabled role assignment synchronization, any changes that you make to role assignments in the LDAP directory service are automatically synchronized to the Data Archive user account when users log in to Data Archive. If you remove all role assignments for users, then users cannot log in to Data Archive.

0 COMMENTS

We’d like to hear from you!