Administering the Community / Directory Server Integration Guide
Parent topic: Directory Server Integration Guide

Overview of Directory Integration Steps

To set up directory server integration, you need to gather information about your LDAP server configuration, identify the location of your key directory server and tree, map your users and (optionally) groups so Jive can synchronize to them, and then test your implementation to ensure it is successful.

Directory server integration relies on preparation and testing to be successful. If you use this list of overview steps to plan your integration, and if you run a test implementation to ensure that you have correctly identified the users, groups, and fields you want to sync with your Jive instance, you can avoid some frustrating missteps associated with integrating these two complicated products.

  1. Gather information about your server configuration. To complete the integration setup, you will need:
    • The address of your directory server and how it will communicate with Jive. If you're using Jive to host your community, you can contact Support for assistance with setting up the connection between these servers. Make sure you account for server referrals, especially if you use Active Directory.
    • The Base DN associated with the users you want to sync with Jive. You may or may not want to include all the users in your organization, so make sure your Base DN is associated with the part of the tree that includes the users you are targeting. Keep in mind that if you plan to map groups as well as users, your BaseDN needs to be at a tree level that contains both users and groups. You can also narrow down your users by specifying a User DN relative to the Base DN during setup.
    • The DN associated with an Administrator account that has read access to your directory server. (This account does not need to be linked to a Jive user.)
    • The field identifiers associated with any directory service fields you want to sync to Jive profile fields. For example, the Username field is typically associated with the sAMAccountName field for Active Directory. A good method for obtaining this information for your directory server setup is to export an LDIF file.
    • Any LDAP filter expressions you need to limit the number of users returned when you sync Jive to your LDAP tree. If you don't filter, synchronizing to your directory server will return every user associated with the Base DN you supplied, and your Jive community may be populated with users who don't need to be there. The LDAP Explorer website is a helpful resource for information about LDAP filters. For filter information focused on Active Directory, see LDAP Query Basics on the Microsoft website.
    • The field identifiers for any groups you want to map to permissions groups in Jive. You don't need to map any groups if you want to manage permissions entirely in the Jive community. You will also need to specify an attribute such as member or memberOf that can be used to associate users and groups.
  2. Start the directory server integration setup by going to the Admin Console and selecting People > Settings > Directory Server Settings. Note that the individual fields on this screen have helpful tool tips that you can access by hovering on the question mark next to the field.
  3. Supply your connection settings and test the connection by clicking Test Settings at the bottom of the screen. If you can't connect, you may need to check your credentials. The account you're binding with must have read access to users and groups for the entire subtree rooted at the base DN.
  4. Click Save to save your connection settings and display the rest of the configuration screens in a tabbed view.
  5. In the User Mapping screen, map any Jive profile settings you want to populate from your directory server by supplying an LDAP string. Fields for which you provide a mapping will be updated from the directory server whenever a sync takes place, typically when the user logs in (see User Synchronization). Click Advanced Settings to add any user filters you want to use to narrow down the number of users you will sync.
  6. Click Test Settings to validate your mappings against the directory server. If the attribute you specified can't be found, you'll see an error message identifying the problem.
  7. In the Group Mapping screen, decide whether to use and synchronize the permissions groups you have set up in LDAP or use Jive to assign users to permissions groups. (Note that group permissions have nothing to do with social groups in Jive. ) You can choose to maintain some Jive-created permission groups even if you use LDAP-managed groups: however, make sure they are distinctly named.
  8. Go to the User Synchronization screen to determine when and how you'll synchronize your user information between LDAP and Jive.
Parent topic: Directory Server Integration Guide

Powered by Jive Software
© 1999-2018 Jive Software. All rights reserved. Follow us on Twitter @JiveSoftware