Automatic OU lookup from the Corporate Directory (User Visibility)
Administrators might generate LDAP validation errors from manually entering LDAP options in the Cloud Extender® Configuration Tool. In the Cloud Extender 2.93 release, administrators can now automatically search and select from a list of options (search roots, filter groups) that automatically populate the Cloud Extender Configuration Tool LDAP/Advanced Mode configuration screens
LDAP Domain Controller server search
From the Server Name field, click the magnifying glass icon. The Cloud Extender Configuration Tool tries to locate the LDAP Domain Controller and auto-fill the Server Name field with a well-formed LDAP host name (for example: forest35.fiberlinkqa.local).
If the Cloud Extender Configuration Tool cannot determine the host name, an error message is displayed and the administrator must enter the server name manually. The port number defaults to the secure LDAP port 636.
Search user bases
The User Visibility module uses the same search method as the User Authentication module. The administrator can either enter one or more search bases manually, or click the magnifying glass icon to start the search.
The Cloud Extender Configuration Tool connects to the LDAP server (server/port configuration that is entered on the configuration screen) and runs a query for a list of potential search bases. The query results are organized by OU depth (the number of components in the OU) and displayed in a tree control that is ordered from the shallowest to the deepest depth.
The first two nodes in the tree view are expanded by default since most user search bases are derived from these levels of depth. The administrator can select individual search bases by checking the box next to the node.
Checking the root check box for a node automatically selects or clears all child nodes. Each select or clear action results in an updated list of currently selected search bases in the list box on the right side of the screen. When the window is displayed, any existing search bases from the LDAP configuration screen are checked by default.
Click OK to populate the user search base list in the LDAP Search Base for Users section of the User Authentication configuration screen.
Filter LDAP groups
When specifying LDAP groups in the Filter by Groups section, the administrator must enter the Distinguished Name of each group. However, manually entering these options incorrectly might cause validation errors. A new magnifying glass icon was added to the Filter by Groups section that allows administrators to search for all groups on the LDAP Server based on the server/port configuration entered in the server list box.
If more than one server is available, the first server in the list is used. If no group search base is configured on the User Visibility screen, the entire domain is searched. If a group search base is configured, the search results include only those groups within the search base. If more than one group search base is configured, the search results include all groups in either of the search bases minus duplicate entries. Results are displayed in a Grid View control with the group's Common Name in the left column and the group's Distinguished Name in the right column.
When the window is displayed, the group search bases that are currently configured are displayed and selected by default. The administrator can select one or more entries and click OK. The Distinguished Names of each selected group are returned and added to the group filter list box.