LDAP server
The synchronization with the data source located on the LDAP server. The configuration window for synchronizing user list with this data source type is split into four tabs, each of which is described below.
Settings
The tab allows you to select additional information saved in the WEBCON BPS database.
1. Server
The address used by the WEBCON BPS platform to connect with the LDAP server in order to access a directory.
2. Base node
The field enables defining the initial point in the directory hierarchy from which all the searching operations begin.
3. LDAP user identifier
The field contains the name of a user who is authorized to search the LDAP directory. Such a user acts as a proxy in connecting with the LDAP server and searching information.
4. LDAP group identifier
The field contains the name of the group authorized to search the directory.
Mappings
The tab allows you to define which attributes from the LDAP server correspond with specific attributes in the local database. This enables the system to map information between the LDAP data source and the WEBCON BPS system in a consistent and accurate manner.
1. Required attributes
The table contains attributes which as a result of synchronization must be available for users to be correctly configured in the local BPS system. The Cache property column refers to the attribute in the local database which will store such information. On the other hand, the LDAP property column defines which LDAP server attribute is mapped onto the property in the local database.
2. Optional attributes
The table allows you to define additional attributes which can be synchronized from the LDAP server, but are not required. Similarly to the Required attributes table, the Cache property column refers to the attribute stored in the local database, whereas the LDAP property column indicates which LDAP server attribute is to be mapped.
Schedule
The tab allows you to specify when the synchronization is to be executed. To maintain an optimal level of data currency within the WEBCON BPS platform, it is recommended to perform synchronization several times a day.
1. Hours during which full user synchronization is activated
The field allows you to define the time at which full user synchronization is executed. This involves retrieving and updating all the data pertaining to groups and users, regardless of whether the data has changed since the last synchronization.
Full synchronization may require significantly more time compared to the incremental method. It is advised to employ this mode only when it is duly justified.
2. Hours during which incremental user synchronization is activated
The field enables you to specify the timing for incremental synchronization. In this mode, data related to groups and users is updated differentially, meaning only the data of objects (users and groups) whose properties have been modified since the last synchronization is updated. The incremental synchronization also updates the status of added or deleted objects. For optimal performance, it's advised to set this mode as the default one.
Advanced
The tab offers the choice of two synchronization types: Synchronize the user list and Synchronize the user list in Debug mode (in contrast to the synchronization with the Active Directory or Azure Active Directory data source, it is possible to execute only full synchronization) and enables filtering searching results and defining error codes that interrupt synchronization.
1. Additional search filter to use during synchronization
By setting up a filter, only users and groups that meet its criteria are synchronized. Additionally, dependent objects of these users and groups (such as groups to which a user or their superior belongs) are also synchronized. In the case of dependent objects, the filter is not applied.
The filter applies to every synchronization type. When limiting synchronization to the selected organizational units, the filter is added to the filter for the specified unit.
2. Error codes causing synchronization interruption
The list of error codes that interrupt user synchronization.
The full list of codes is available here. All other error codes do not result in interrupting the user synchronization (the synchronization is completed with an error and the respective information is registered in the log).
3. Synchronize the user list
The section provides two buttons:
- Incremental synchronization – the user and group data is updated differentially. This means that the system synchronizes only the data of those objects (users and groups) whose properties have been changed since the last synchronization. The incremental synchronization also updates the status of added and removed objects. For optimal performance, it is advised to use this mode as the default one.
- Full synchronization – the system retrieves and updates full data on all groups and users, regardless of whether it has changed since the last synchronization or not. The full synchronization requires much more time than the incremental one. For this reason, it is recommended to select this mode only in duly justified cases.
4. Synchronize the user list in Debug mode
The synchronization in the Debug mode allows you to collect additional information on the progress of synchronization. During the synchronization the log registers detailed diagnostic information due to which the synchronization can take more time. The Debug mode enables detailed analysis of individual synchronization steps and should be applied only for diagnostic purposes. Like in the case of standard synchronization mode, there are buttons provided for executing full and incremental synchronization. Furthermore, the Selected users synchronization – Debug button enables synchronization of a single user by entering their BPS ID.