Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
tutorial:adm:manage_ad [2020/01/14 13:45]
apeterova failover tip 		tutorial:adm:manage_ad [2020/02/27 16:32]
kotynekv [Connector configuration] vlv sort attribute warning
Line 103: Line 103:
 <note warning>If you are setting this on a Windows server, make sure to delete the 'Specified attributes to be returned' values and write them manually. Otherwise, ldapGroups will not be returned. </note> <note warning>If you are setting this on a Windows server, make sure to delete the 'Specified attributes to be returned' values and write them manually. Otherwise, ldapGroups will not be returned. </note>
  
-<note important>Beware on **useVlvControls** option. CzechIdM now only supports vlv control, so **useVlvControls** option should be enabled and **vlvSortAttribute** must be set (recommended option - 'sAMAccountName').</note>+<note important>Beware on **useVlvControls** option. CzechIdM now only supports vlv control, so **useVlvControls** option should be enabled and **vlvSortAttribute** must be set (recommended option - 'sAMAccountName'). **DO NOT** use **CN**, **distinguishedName** or any other unindexed attribute or you'll end up with "[LDAP: error code 12 - 0000217A: SvcErr: DSID-03140414, problem 5010 (UNAVAIL_EXTENSION), data 0 
 +];" error</note>
  
 <note important>Since connector version 1.3.4.25 we support change of **sAMAccount** name, even if it is used as identifier (in provisioning mapping use sAMAccountName instead of \_\_Uid\_\_)</note> <note important>Since connector version 1.3.4.25 we support change of **sAMAccount** name, even if it is used as identifier (in provisioning mapping use sAMAccountName instead of \_\_Uid\_\_)</note>
Line 242: Line 243:
 ===== Failover ===== ===== Failover =====
  
-The configuration property Failover is used when the primary server (configured in the Server hostname) is unavailable. Please note that this property is not used in the case that the primary server is accessible on the given port, but there is some other problem with the communication (e.g. the credentials are incorrect).+The configuration property Failover is used when the primary server (configured in the Server hostname) is unavailable. The attribute contains a list of AD servers that connector can use. 
 + 
 +Please note that this property is not used in the case that the primary server is accessible on the given port, but there is some other problem with the communication (e.g. the credentials are incorrect). 
  
 The value of this property must be a proper URL, e.g. ''<nowiki>ldaps://some.hostname:636</nowiki>''. The value of this property must be a proper URL, e.g. ''<nowiki>ldaps://some.hostname:636</nowiki>''.
  • by neznajf