Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:manage_ad [2019/10/23 10:33] doischert [Scheme] |
tutorial:adm:manage_ad [2019/11/20 12:16] doischert [Distinguished Name (DN), Common Name (CN)] |
||
---|---|---|---|
Line 97: | Line 97: | ||
* **Uid Attribute** - this is one of the most important option. It defines the primary key/UID of the account. Attribute values will be stored in CzechIdM for each account. Must be unique and should not change. **It is strongly advised to use " | * **Uid Attribute** - this is one of the most important option. It defines the primary key/UID of the account. Attribute values will be stored in CzechIdM for each account. Must be unique and should not change. **It is strongly advised to use " | ||
* **Object classes to synchronize** - usually the same as "Entry object classes" | * **Object classes to synchronize** - usually the same as "Entry object classes" | ||
+ | * **Specified attributes to be returned** - default " | ||
+ | |||
+ | <note warning> | ||
<note important> | <note important> | ||
Line 129: | Line 132: | ||
<note tip>It is possible you will not see the full scheme even with root suffix set to the top container. In that case, check that schemas are not stored separately and if they are, set root suffixes to the appropriate DC.</ | <note tip>It is possible you will not see the full scheme even with root suffix set to the top container. In that case, check that schemas are not stored separately and if they are, set root suffixes to the appropriate DC.</ | ||
- | <note warning> | + | <note warning> |
If you want to use the workflow for groups synchronization, | If you want to use the workflow for groups synchronization, | ||
Line 219: | Line 222: | ||
{{ : | {{ : | ||
+ | ===== ldapGroups not returned ===== | ||
+ | |||
+ | If you are running on a Windows server, the ' | ||
===== Connection via SSL not working ===== | ===== Connection via SSL not working ===== | ||
If you just imported root certificate to IdM truststore, but SSL connection to AD is still not working try following method to find which server hostname you should use. | If you just imported root certificate to IdM truststore, but SSL connection to AD is still not working try following method to find which server hostname you should use. |