Configuring SE Identity via XML file
Configuring SE Identity via XML file |
|
|
As mentioned in step 2 of the Configuration for synchronization without direct access to directory service - SE Identity, it is possible to configure the application by directly changing the XML file that stores the settings. However, you should always prefer the configuration via the graphical interface, since the data will be validated as well as connection tests.
It is recommended that the direct change in this file is made by a professional with prior knowledge in the Extensible Markup Language (XML). The configuration file is located in "conf/se-identity.xml", next to SE Identity (se-identity.jar) executable.
Here is the description of each of the XML fields:
Connection with Microsoft AD ▪url: URL to access Microsoft AD using the LDAP protocol (LDAP://<host>[:port]). For example: <url>ldap://softexpert.local:389</url> ▪userLdap: Username (displayName, not login) with permission to view the data in Microsoft AD. ▪passwordLdap: User password with permission to view the data in Microsoft AD. ▪loginUserLdap: User login for LDAP server authentication.
General data ▪enable: By recording the domain in SE Suite, it defines the status as active. ▪released: By recording the domain in SE Suite, it defines the status as released. ▪ssoPort: Domain address port. ▪fgSyncLanguage: Defines the language of the synchronized user (0 - English, 1 - Portuguese, 2 - Spanish).
Domain identification ▪domain: Domain name. ▪domainIdentifier: Domain ID #.
User selection ▪importDN: Path in the directory structure where users are located. ▪userAuthorizationPattern: Filter to select the users that will be integrated with SE Suite. ▪defaultSynchronyzerFilter: ID # that will be used as a key in the first integration with users already existing in the database of SE Suite. ▪onLoginImport: If enabled, it imports the user into SE Suite as soon as it authenticates to the system (requires SE Suite direct access to the directory service via LDAP).
Group selection ▪importGroupDN: Path in the directory structure where groups are located. ▪groupAuthorizationPattern: Filter to select the groups that will be integrated with SE Suite.
Team selection ▪importTeamDN: Path in the directory structure where groups are located. ▪teamAuthorizationPattern: Filter to select the groups that will be integrated with SE Suite.
User data ▪nmSyncFieldNmDomainUID: User field in Microsoft AD that will be used as the unique ID # in the user record in SE Suite. ▪nmSyncFieldIdLogin: User field in Microsoft AD that will be used as a login in the user record in SE Suite. ▪nmSyncFieldIdUser: User field in Microsoft AD that will be used as a user ID in the user record in SE Suite. ▪nmSyncFieldNmUser: User field in Microsoft AD that will be used as username in the user record in SE Suite. ▪nmSyncFieldDsUserEmail: User field in Microsoft AD that will be used as a user e-mail in the user record in SE Suite. ▪fgSyncNotice: Indicates to the system whether the user will receive notifications for training, improvements and system news.
Leader synchronization ▪fgSyncLeader: Enable/disable leader synchronization. ▪distinguishedName: Leader ID # attribute. Default ‘distinguishedName’ or ‘entryDN’ for OpenLDAP. ▪customManager: Relationship attribute. Default ‘manager’. ▪fgDontSyncLeaderCircleRef: Do not synchronize user leaders with a circular reference. ▪fgIgnoreLeaderNotFound: Ignore errors of leader not found.
Position data ▪fgSyncPos: Indicates, for SE Suite, whether user role synchronization is active. ▪nmSyncFieldIdPosition: User field in Microsoft AD that will be used as an ID # in the position in SE Suite. ▪nmSyncFieldNmPosition: User field in Microsoft AD that will be used as the name in the position in SE Suite. ▪fgSyncPosEnabled: Indicates to the system whether the user will be created as active or inactive. ▪fgSyncDept: Indicates, for SE Suite, that user-department synchronization is active. ▪nmSyncFieldNmDepartment: User field in Microsoft AD that will be used as an ID # in the department registration in SE Suite. ▪nmSyncFieldIdDepartment: User field in Microsoft AD that will be used as the name in the department in SE Suite. ▪fgSyncDeptEnabled: Indicates to the system whether the department will be created as active or inactive. ▪idDefaultAccessGroup: Access group code (if set, this will be the default access group when performing user synchronization).
Access group data ▪fgSyncAccessGroup: It indicates, for SE Suite, if the user access group synchronization is active. ▪nmSyncFieldIdAccessGroup: User registration field in Microsoft AD that will be used as the ID # for the creation of the link between user and respective access group in SE Suite.
Team data ▪fgSyncTeam: It indicates, for SE Suite, if the user team synchronization is active. ▪nmSyncFieldIdTeam: User registration field in Microsoft AD that will be used as an ID # in the team registration in SE Suite. ▪nmSyncFieldNmTeam: User registration field in Microsoft AD that will be used as a name in the team registration in SE Suite.
SE Suite connection ▪nmAddress: Access address to SE Suite (https://domain/). ▪nmSEUser: User login that will be used to authenticate in SE Suite with permission to perform the integration. ▪nmSEPassword: User password that will be used to authenticate in SE Suite with permission to perform the integration.
Data for notification synchronization ▪qtNotifierPeriod: Time limit for synchronization inactivity. The system administrator will be notified by e-mail when the synchronization inactivity period is reached. ▪fgNotifierPeriodType: Time limit type for synchronization inactivity. Available types: Minutes, Hours, Days and Weeks. ▪mergeDepartmentFunction: If enabled, when you synchronize the user, the AD user department will be replaced by the current linked department in SE Suite. If disabled, the AD user department will be incremented in the linked departments of the user in SE Suite. |