Skip to main content

Privacera Documentation

Add LDAP UserSync connector

You can use UserSync to connect to LDAP for the purpose of connecting, pulling, or serving as data access users.

Add LDAP UserSync connector on Privacera Platform

To add an LDAP UserSync connector on Privacera Platform, follow these steps:

  1. Enable Privacera UserSync:

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.privacera-usersync.yml config/custom-vars/
  2. Enable the LDAP connector:

    cd ~/privacera/privacera-manager 
    cp config/sample-vars/vars.privacera-usersync.ldap.yml config/custom-vars/ 
    vi config/custom-vars/vars.privacera-usersync.ldap.yml
  3. Edit the following properties:

    • LDAP_CONNECTOR: The name of the this connector

    • LDAP_ENABLED: The enabled status of the connector (true/false)

    • LDAP_URL: The service URL

    • LDAP_BIND_DN: The bind DN of service

    • LDAP_BIND_PASSWORD: The bind password

    • LDAP_SEARCH_INCREMENTAL_ENABLED: Enables incremental search (true/false)

    • LDAP_SEARCH_BASE: The search base for query

    • LDAP_SEARCH_USER_BASE: The search base for querying users

    • LDAP_SEARCH_USER_FILTER: The user search filter

    • LDAP_SEARCH_USER_GROUPONLY: Syncs only users that are members of groups (true/false)

    • LDAP_SEARCH_GROUP_BASE: The search base for querying groups

    • LDAP_SEARCH_GROUP_FILTER: The group search filter

    For a full list of properties, see UserSync LDAP connector properties.

  4. Run the following command:

    cd ~/privacera/privacera-manager 
    ./privacera-manager.sh update

Add LDAP UserSync connector on PrivaceraCloud

To add an LDAP UserSync connector on Privacera Cloud, follow these steps:

Note

Configure Connector - Detect deleted users, groups and cycles by selecting the following fields under ADVANCED:

  • Search Deleted Group

  • Search Deleted User

  • Search Deleted Cycles - integer, the default value is 6. Min value is 0 and max value is 100.

  1. From the navigation menu, select Settings > Datasource.

  2. Choose a data source, click the dots icon, and select Add Application.

  3. From the Application List section, select USERSYNC.

  4. From the Service Type dropdown, select LDAP.

  5. In the Connector Name field, enter a name for the connector.

  6. In the BASIC tab, enter the values in the respective fields.

  7. From the Authentication Type dropdown, select Simple.

  8. Enable paging for UserSync using LDAP:

    1. Select Incremental Search.

    2. In the Add Custom Properties field, set the following properties:

      usersync.connector.results.paged.enabled=true
      usersync.connector.results.paged.size=<Results_Per_Page>
    3. Click Next.

  9. Complete each step and advance through the pages of the configuration wizard.

  10. Complete all BASIC values, then review and update ADVANCED values as required.

  11. Click FINISH.

Note

When you update the UserSync configuration, you should restart it. This is to ensure that your updated configuration works properly.