...
GEODI also has LDAP/Active Directory support.
The machine where GEODI is installed must be in the same domain.
LDAP groups are not supported, authorization groups must be defined in GEODI.
Management for users coming with LDAP takes place on the Active Directory side.
When passwords kept in LDAP change, it also affects GEODI.
When users are deleted from LDAP, they cannot enter GEODI.
You add LDAP users when you map them to Groups. When you type the user name, if there is a user with a similar name in LDAP, it is presented as an option. This makes it easier to manage a network with many LDAP users.
LDAP users appear as domain\username. The management of these users is entirely on the AD side, so no additional option is provided..
GEODI Notification services use the emails of LDAP users defined on the AD side.
Folder and file based authorizations given on the AD side are used by GEODI. GEODI cannot exceed AD side restrictions but can set new restrictions. SupportLDAPPermissions must be set to true in the project detail settings ContentReadereEnumerators settings to use the folder authorizations given on the AD side.
...
...
Under Enumerator or Project GenericSettings:
LDAPUseDriveSharePermissions → Default value is true, can be disabled by setting it to false.
| Code Block |
|---|
"LDAPUseDriveSharePermissions":false |
LDAPUseBuiltinPermissions → Default value is true, can be disabled by setting it to false.
| Code Block |
|---|
"LDAPUseBuiltinPermissions":false |
When settings are changed, re-scanning is not required. The new settings are applied to existing content using the "Adjust Permissions" feature.
Manage Authorizations
You specify which authorizations are used for each group.
...