Mapping users from a directory server

If you are provisioning users from a directory server, you can use the User Mapping tab to map selected user fields to be synched with your Jive user information.

Before you begin, make sure you have an active connection to an LDAP directory server in the Server Configuration tab to see the other configuration tabs. For more information, see Overview of directory server integration steps.

Fastpath:
  • Admin Console > People > Directory Server, than the User Mapping tab
  • Advanced Admin Console > People > Settings > Directory Server Settings, than the User Mapping tab

You can use the User Mapping tab to determine what information LDAP and Jive share and how they keep user information synchronized. You can also use this tab to specify how Jive identifies external users who have access to externally accessible groups, and which users marked in LDAP are disabled in Jive.

To set up user mapping:

  1. Go to the directory server configuration page:
    • Admin Console > People > Directory Server
    • Advanced Admin Console > People > Settings > Directory Server Settings
  2. Make sure you defined a valid connection to an LDAP directory server in the Server Configuration tab.
    If you don't have a working connection established, you won't be able to see the rest of the configuration tabs.
  3. In the User Mapping tab, map the user account fields to connect user accounts based on the LDAP fields to be used to create and enable a Jive account based on the directory listing.
  4. If you plan to enable Externally Accessible Groups and want to identify users based on an LDAP match rather than by inviting them directly from the social group, specify a name-value pair by using the User Type Field and External Contributor User Type Value settings.
  5. If you want to disable Jive user accounts by identifying them in LDAP, specify a name-value pair using the User Disabled Field and User Disabled Field Value settings.
    You may do this by using a field that is predefined for this purpose, or you can use any other available name-value pair to disable users based on an attribute. You must also select Disable federated user accounts not found in the directory in the User Synchronization tab.
    For example, Active Directory uses UserAccountControl=514 to mark disabled users: you can specify UserAccountControl as the User Disabled Field and 514 as the User Disabled Value.
  6. Specify any profile fields you want to synchronize by providing the field information from your directory.
  7. If you want to narrow down the number of users to be synched, use the User Filter and User RDN fields to apply the user filters. For more information about preparing user filters, see Overview of directory server integration steps.