Import Preferences window

This window configures how data is imported from the LDAP server. Use this window when you are setting up your security system personnel database for the first time, or when you want to discard the records in the database and start again from scratch. This window initiates a “forced import.” By its nature, a forced import deletes all existing personnel records that correspond to the particular LDAP server and retrieves the entire data set again.
Figure 381.   Import Preferences window

This window opens when you click System Setup > Remote Devices > Remote Drivers, followed by double-clicking the LdapNetwork driver row in the table.

Another way to open this window is to click the Import button on the Ldap Server view. You access this view by clicking System Setup > Remote Devices > Remote Drivers, followed by double-clicking the LdapNetwork driver row in the table, clicking the Ldap Servers tab, selecting the server, and clicking the Force Import from LDAP Server button.

| Property | Value | Description |
|---|---|---|
| User SearchBase | text | Defines where to start searching for personnel in the LDAP server hierarchy. ou stands for organizational unit. dc stands for domain controller. dn stands for distinguished name. This name both uniquely identifies an entry in the LDAP database and describes its position in the hierarchy. |
| User SearchFilter | text | Defines the objectClass (metadata) associated with each personnel record that identifies it as a personnel record versus a system or other record type in the server database. |
| Search Scope | drop-down list | Defines how much of the User Search Base to actually search: |
| Group Attribute | text | Defines the LDAP server attribute that provides the LDAP group Distinguished Name. Each LDAP user belongs to a group. |
| Allow New Inactive Users | true (default) or false | Indicates that users may be added before they are activated in the system. |
| Status Attribute | text | Reports LDAP user status: active or inactive. |
| Active Status Values (Comma Separated) | text values, comma separated | Defines a list of values, which indicate a valid user status. This list is specific to your organization’s personnel policies. |
| Account Expiry Date and Time Attribute | text | Specifies the name of the account expiry attribute in the LDAP server. Some LDAP servers configure user accounts to expire on a specific date, at a specific time. This name identifies the attribute that contains this information. The security system’s import job ignores data from any user account that has expired. |
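
Because a forced import deletes and rebuilds every personnel record for the server, it helps to predict which directory entries the status and expiry settings will admit before running it. The following is an added example, not the product's own code: the attribute names, sample entries, case-insensitive status matching, the handling of Allow New Inactive Users set to false, and the two expiry formats (LDAP GeneralizedTime and Active Directory FILETIME) are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Hypothetical values for the window's properties (not product defaults).
PREFS = {
    "status_attr": "employeeStatus",
    "active_values": "active, Current ,on-leave",  # comma separated, as typed
    "allow_new_inactive": False,
    "expiry_attr": "accountExpires",
}
AD_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
AD_NEVER = {0, 0x7FFFFFFFFFFFFFFF}  # Active Directory "never expires" markers


def parse_expiry(raw):
    """Return an aware datetime, or None when the account never expires."""
    if not raw:
        return None
    if raw.isdigit():  # AD FILETIME: 100 ns ticks since 1601-01-01 UTC
        ticks = int(raw)
        return None if ticks in AD_NEVER else AD_EPOCH + timedelta(microseconds=ticks // 10)
    # Otherwise LDAP GeneralizedTime in UTC, e.g. 20300101000000Z
    return datetime.strptime(raw, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)


def classify(entry, prefs, now):
    """Predict what a forced import would do with one LDAP entry."""
    expiry = parse_expiry(entry.get(prefs["expiry_attr"]))
    if expiry is not None and expiry <= now:
        return "skip: expired"
    # Assumption: status values match case-insensitively, whitespace ignored.
    active = {v.strip().lower() for v in prefs["active_values"].split(",") if v.strip()}
    if entry.get(prefs["status_attr"], "").strip().lower() in active:
        return "import: active"
    return "import: inactive" if prefs["allow_new_inactive"] else "skip: inactive"


# Constructed sample entries, shaped like the results of a directory search.
ENTRIES = [
    {"dn": "cn=a,ou=people,dc=example,dc=com", "employeeStatus": "Active"},
    {"dn": "cn=b,ou=people,dc=example,dc=com", "employeeStatus": "terminated"},
    {"dn": "cn=c,ou=people,dc=example,dc=com", "employeeStatus": "active",
     "accountExpires": "20200101000000Z"},
    {"dn": "cn=d,ou=people,dc=example,dc=com", "employeeStatus": "current",
     "accountExpires": "9223372036854775807"},
]

if __name__ == "__main__":
    for e in ENTRIES:
        print(e["dn"], "->", classify(e, PREFS, datetime.now(timezone.utc)))
```

Comparing this prediction with the current personnel list shows which records a forced import would drop because of a mistyped status value or a wrong expiry attribute name.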