Navigation:  »No topics above this level«

Setting up and running user synchronization

 Previous  Top  Next

This tutorial is intended for professionals of the area with prior knowledge of the issues involved, as well as having administrator access to the server running the directory service, as well as the SE Suite Configuration and Administration components.

 

It is important to mention that we recommend the existence of a planning step before starting to deploy the integration of SE Suite with a directory service, so that it is possible to find the best configuration for the structure of the organization, considering that there are several variables which change from one environment to another and, although this manual attempts to guide most possible configuration scenarios, it is still possible that the structure presented requires a unique configuration to meet all the planned requirements. Here are some points that should be raised in the planning step:

oVersion of the server that has the directory service installed;

oAuthentication methods and version of the protocols that will be used;

oCommunication mode for the user synchronization process;

oRelease of ports and services for SE Suite to have access to resources;

oDirectories and user filters for synchronization;

oPeriodicity of synchronization and how it will be started;

oBrowsers used in client workstations.

 

SE Suite supports synchronization of users with a Microsoft Active Directory directory service or OpenLDAP via the LDAP communication protocol.

 

The system can communicate with the directory service in two ways:

Direct communication: If the system server is running in the same directory service domain, or the service is available for external access, communication for user synchronization can be done directly via the LDAP protocol. Otherwise, the SE Identity alternative should be used.

SE Identity application: This is a feature made available for situations where the system server does not have direct access to the directory service, which is very common in clients hosted on a cloud server. In this way, the application acts as an intermediary between the parties, running directly within the directory service network and transferring user data into the system.

 

In the next sections, a step-by-step of the configuration and execution of the process of synchronization of users will be presented, using the direct and indirect communication mode via SE Identity. Remember that it is not possible to use the two forms of communication together, and SE Identity should be chosen only if the SE Suite server does not have direct access to the directory service.