Introduction to Visual Intercept LDAP Integration

 

Introduction to Visual Intercept LDAP Integration

The release of Visual Intercept v3.7 introduces an LDAP integration that allows Visual Intercept administrators the ability to search and query Active Directory for domain users. This integration allows for the automatic creation of Visual Intercept users and contacts based upon user information contained the Active Directory as well as the ability to attach members to security groups which match those groups found in Active Directory.

Enabling Visual Intercept LDAP integration

To enable the LDAP integration, you must do so in the IIS snap-in Logon tab. Once enabled, the Visual Intercept LDAP integration can be configured in either the Visual Intercept Web Administrator’s Tools|Configure|Integration tab or in the IIS Visual Intercept snap-in Options|Logon tab.

  • Use LDAP for authentication – Select this option to turn on the LDAP integration.
  • Query - This is the query that is submitted to LDAP. The query will return a result set that will be filtered for the user being authenticated. Two examples of valid LDAP queries are;
    • Specifiy LDAP://rootDSE to search the default domain
    • Specifiy LDAP://<domainname.local> to search a specific domain
  • Create user if user does not exists - With this option selected Visual Intercept will create and add a User to the Visual Intercept database if the user is successfully authenticated against LDAP and does not already exist in Visual Intercept.
  • Update contact information - With this option selected Visual Intercept will either add a new contact or update and existing contact associated with the authenticating UserID.
  • Update group security - With this option selected, Visual Intercept will update group security for users based on an exact match of the domain group to a Visual Intercept security group.

To change the LDAP configuration in the Visual Intercept Web Administrator, select the menu Tools|Configure|Integration tab and scroll down to the section labeled LDAP.

  • Use LDAP for authentication – Select this option to turn on the LDAP integration.
  • Query - This is the query that is submitted to LDAP. The query will return a result set that will be filtered for the user being authenticated. Two examples of valid LDAP queries are;
    • Specifiy LDAP://rootDSE to search the default domain
    • Specifiy LDAP://<domainname.local> to search a specific domain
  • UserID - The domain user account which has security credentials sufficient to query the domain.
  • Password - The domain user password.
  • Create user if user does not exists - With this option selected Visual Intercept will create and add a User to the Visual Intercept database if the user is successfully authenticated against LDAP and does not already exist in Visual Intercept.
  • Update contact information - With this option selected Visual Intercept will either add a new contact or update and existing contact associated with the authenticating UserID.
  • Update group security - With this option selected, Visual Intercept will update group security for users based on an exact match of the domain group to a Visual Intercept security group.

If you have other questions about issues not included in or beyond the scope of this Tech Tip, please contact Elsinore Technical Support Services at or 866.866.0034, option 2.
 
©2005 Elsinore Technologies | All Rights Reserved