Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:wizards [2021/02/26 13:05]
svandav [Additional data] 		devel:documentation:wizards [2021/03/01 12:33]
svandav
Line 38: Line 38:
 The complication starts in communication with AD. Here it is very important to use **secure communication** (SSL), which requires the installation of a **correct** **certificate**. It is also important to verify that our service AD account has sufficient privileges. The complication starts in communication with AD. Here it is very important to use **secure communication** (SSL), which requires the installation of a **correct** **certificate**. It is also important to verify that our service AD account has sufficient privileges.
  
-However, the biggest difficulties can occur with many rules that must be followed during the connection (**connector settings**) and especially in the way to correctly map the individual attributes of AD. Just choosing the right attributes to be mapped to AD may not be easy for an ignorant user.+However, the biggest difficulties can occur with many rules that must be followed during the connection (**connector settings**) and especially in the way to correctly map the individual attributes of AD. Selecting the correct attributes to map to AD may not be easy for inexperienced users.
  
-**This guide therefore solves all the mentioned problems** and is based on **our best experience** of how to effectively manage an AD system.+**This wizard therefore solves all the mentioned problems** and is based on **our best experience** of how to effectively manage an AD system.
  
  
Line 73: Line 73:
  
 ==== Attributes ==== ==== Attributes ====
 +In the penultimate step, the wizard prompts you to specify which attributes of the user account in **AD** you want to manage and from which identity attribute in IdM you want to fulfill them.
  
 +The wizard automatically offers **the most frequently used attributes and their typical fulfillment from CzechIdM**. If there are some attributes that you do not use in your AD or do not want to fulfill, disable them or remove them from the list altogether.
 +
 +**The wizard automatically sets even the most common transformation rules for fulfillment.** For example, to fill ** DN (_ NAME _) ** or ** displayName **, where it selects the first and last name combination. If you want to perform some attributes with a different transformation than the one listed here, you can now deactivate the attribute and later modify the transformation to your liking.
  
  
Line 79: Line 83:
  
 ==== Conclusion ==== ==== Conclusion ====
 +**The last step** of this wizard only informs you about the successful completion and allows you to be redirected to the detail of the new system. For example, **you can immediately start a pairing sync** on this detail, which loads the users in the OU you specify and tries to pair them with existing users in IdM.
  
 +<note tip>The new system is installed on **READ-ONLY** for safety reasons. This means it cannot perform an active operation on the AD (create/edit/delete). To turn off **READ-ONLY mode**, you can do so on the '**Basic information**' tab using the '**State**' item.</note>
  
  
 {{ :devel:documentation:wizard_ad_06.png?600 |}} {{ :devel:documentation:wizard_ad_06.png?600 |}}
  • by svandav