After you generate the LDAP properties file, test the connection
to the LDAP server by searching for an LDAP user with the manual user
import process.
After you set up LDAP configuration data and generate
the cmbcmenv.properties properties file, test
that the properties are correctly configured to connect to the LDAP server. If
you can find an LDAP user in the LDAP directory from the system administration
client, then the properties file is correctly configured. To search
for an LDAP user, you create a user and use the manual user import
function as a search tool to find that user in the LDAP directory.
Tip: The process to import an LDAP user manually is available
from the function to create a user in the system administration client.
The manual method of importing users is convenient if you want to
import only a few users. However, the LDAP user import utility is
a more effective option if you need to import many users and user
groups, such as when you are setting up LDAP for the first time. By
using the LDAP user import utility, you can also set up a schedule
to synchronize users and groups from the LDAP directory to the library server.
To test your connection to LDAP by searching for a user:
- Expand Authentication in the system administration tree.
- Right-click Users and click New. The New User window opens.
- On the Define Users page, click LDAP. The Import users from LDAP window opens.
- The LDAP Server Hostname field displays the host name of the LDAP directory server from which
you are importing users. If you want to import users from an LDAP
directory server other than the one that is listed, you must change
the configuration by using the LDAP configuration tool.
- Type the name of the user ID or user
IDs that you want to find in the Find users field. For fuzzy searches, use the radio buttons to narrow your
search.
- To search for multiple users associated with the default user
attribute, click the User attribute button.
User attributes help describe the identity of the user. For example,
the user attribute C identifies the country that the user operates
from. You designate the default user attribute in the LDAP configuration
tool.
- To search for multiple users associated with an attribute
other than the default attribute, click the Other attribute button and specify this attribute in the text field.
Tip: If you right-click in the Other
attribute text field, a list of possible attributes displays.
This list might not be the complete list of attributes available on
the system. You can obtain a full list of valid user attributes from
your LDAP administrator.
- Click Find to
conduct the search. The list of users retrieved from the search is
displayed.
If the search finds the user, then the connection to LDAP
is correctly configured. You can continue with the next step of LDAP
integration.
If you choose to complete the import process for
this test user, remember the following restrictions:
Restriction: When you import LDAP user information, the LDAP
user names must not contain the percent character (%), which the library
server interprets as a search wildcard. For example, the user ID "j%smith"
is not interpreted as a specific user ID. Instead, it is interpreted
as "j" followed by any character, followed by "smith". If a user name
contains the percent character, then the system administration client
does not return the correct user properties when other user IDs match
the pattern.
Important: If
a distinguished name (DN) for a user changes later, you must reimport
the user.