Dec. 22, 2015
The integration of CloudPortal Business Manager with Directory server (specifically Active Directory) can be done in both modes, PUSH & PULL. CloudPortal Business Manager supports either the PUSH or the PULL mode for any of the installations. However, these modes have to be configured during deployment.
In the PULL mode, CloudPortal Business Manager can import the user details from the Directory server. Once user is imported & created in the CloudPortal Business Manager, user gets an email for verification. After user verifies the email, he will be able to log into the CloudPortal Business Manager system. While logging in, user credentials are passed to Directory Server for authentication. Upon successful authentication from the Directory server, CloudPortal Business Manager allows the user to log in. CloudPortal Business Manager does not store any password in its database once this setting is enabled.
Any other details in the same configuration page are not used for the PULL mode.
In the PUSH mode, CloudPortal Business Manager can add the user & user details to the Directory server. Once user is created in CloudPortal Business Manager, his details will be listed in the Directory server. Upon email verification, user is asked to set the password, which is set in the Directory server. CloudPortal Business Manager supports edit user, reset password & user sign-up operations through PUSH mode. As in case of PULL, even in PUSH mode, user passwords are not stored in CloudPortal Business Manager DB.
For PUSH mode, Directory server URL has to be ldaps & port has to be 636.
Change the first.name.mapping property to givenName which by default comes to cn to avoid multiple values of cn.
CloudPortal Business Manager does not store any password details when directory server is enabled.
If the Directory server is Active Directory, make sure the set " is.active.directory" flag to true.
User.additional.attributes is an optional field. If you want any key to have any particular value on directory server when user is getting created you can mention here.
User.enablement.attributes is an optional field. If you want any key to have any particular value on directory server when user is verifying himself from the activation link, you can mention here.
Make sure is.ssl.on is true if you are using ldaps protocol.