Skip to main content

 

Druva Documentation

Modify an LDAP Mapping

inSync Cloud Editions: File:/tick.png Elite Plus File:/tick.png Elite File:/cross.png Enterprise File:/tick.png Business

Overview

inSync allows administrators to modify an existing LDAP mapping. Administrators can update the following fields in an LDAP mapping:

  • LDAP mapping name
  • Filter Users criteria

inSync uses the destination or location attributes defined in the Filter Users field to import and create inSync accounts of users in your organization. Administrators can add new LDAP attributes or remove the existing ones to update the criteria used for managing the accounts.

When an administrator adds or removes a LDAP attribute, inSync queries for the users that fall under the updated LDAP mapping and:

  • Imports new users and creates inSync accounts.
  • Identifies existing inSync user accounts that do not belong to any LDAP mapping and preserves it.

Note:

  • inSync automatically imports users, only if the Auto import new users setting is configured. For more information, see Auto-import users from your AD/LDAP.
  • inSync automatically synchronizes user accounts, only if the Auto preserve unmapped users setting is configured. For more information, see Synchronize inSync users with your AD/LDAP.
  • Administrators can specify multiple attributes to filter users and import them into inSync. Users are filtered based on the AND (&) and OR (|) condition specified while defining multiple attributes.

Any update to an existing LDAP mapping is logged by inSync and displayed in the administrator audit trails. Audit trails is a feature that is part of the Governance offering. For more information, see View audit trail for administrators.

Procedure

To modify an LDAP mapping,

  1. On the inSync Management Console menu bar, click Manage > Deployments > AD/LDAP.
    List of existing AD/LDAP mappings is displayed on the AD/LDAP page under the Mappings tab.
  2. Click on the LDAP Mapping Name that you want to modify. LDAP mapping details are displayed.
  3. In the AD/LDAP Configuration area, click Edit.
    Edit window appears.
  4. If you want to update the AD/LDAP mapping name, type a new name as per your naming convention.
  5. In the Filter Users area,
    • If you want to add a new location attribute, type the name of the new attribute and click Verify. inSync validates the new attribute with your registered LDAP, and a tick.png is displayed if the attribute is valid.
      OR
    • If you want to remove an existing attribute, select it and delete.
  6. Click Ok.

Users are imported or preserved based on the update you have made to the LDAP mapping.

 

 

  • Was this article helpful?