Configuring Liferay's LDAP Settings to Import Users

This article shows basic configuration of how to setup Liferay to import users from an LDAP server through the graphical user interface.

Resolution

Please note that the Control Panel interface changes from Liferay Portal version to version. The exact steps for accessing the Control Panel and portal settings may differ depending on Liferay Portal version.

    1. To enter the LDAP settings, go to Control Panel > Settings and under Configuration click Authentication > LDAP.

      01LDAP-1.png
      To enable LDAP, check Enable. By checking this, it will enable Liferay to use LDAP authentication. By default Liferay imports users in a 10 minutes interval. Additionally when an LDAP user logs into Liferay, that user's information will be imported right at that moment. If the user does not need to constantly synchronize the entire user pool, then the import interval's value should be raised to a higher value. This can be achieved by modifying the property portal-ext.properties:

      ldap.import.interval=10


      Under Import/Export, check Import Enabled. When checked, the user will import all the users. Additionally you can set if you want to import users at portal startup.
      Import on Startup Enabled
      Leave Export Enabled unchecked.

    2. Click Add to add an LDAP Server.
      Enter the name of the LDAP Server at the top.

      There is a radio button list of default choices; clicking these will help fill out the default values.
      Here is an example:

      02LDAP-2.png


  1. Click Test LDAP Connection to validate.

  2. For this example, in the Users field, leave these as the default, except for the Authentication Search Filter field. Change the (sAMAccountName=@user_id@) to (sAMAccountName=@screen_name@), if authentication will be by screen name. If the user wishes to change how users login (Ex. Login with screen name), then change the settings in theAuthentication Search Filter field.

    03LDAP-4.png
    Click Test LDAP Users. This is an example result of the Test Users button.

    04LDAP-3.png
    In the Group field, users can alter how groups are imported. The example left these as the default.

    05LDAP-5.png

  3. Fill out the rest of the form accordingly then click Save. Please note that only users with Screen Name, Password, Email Address, First Name, and Last Name will be imported. These are necessary attributes Liferay needs to create a user internally. Last Name might change from version to version.

    If the option Import on Startup Enabled has been checked, then users can restart their application server to immediately trigger the bulk import process. Log back in, go the Control Panel > Users and the imported Users will appear.

    06LDAP-6.png

¿Fue útil este artículo?
Usuarios a los que les pareció útil: 2 de 2