Directory Servers
Select User Management > Directory Servers.
- Estimated Time Required: 5-20 minutes
- Skill Level: Intermediate
- Prerequisites:
- Domain Controller credentials are available.
On the Directory Servers page, you can incorporate your organization's users and groups from Windows Active Directory or other LDAP-based directory into your FME Server security configuration.
When you import user accounts from a directory server, they can authenticate as Users with FME Server using their directory server credentials. Optionally, with a Windows Active Directory connection, single sign-on authentication can be enabled, in conjunction with SASL.
When you import groups from a directory server, they become Roles in FME Server.
Perhaps the most convenient aspect of directory server integration is the ability to use the same groups that exist on the directory server and configure them as roles in FME Server, assigning them permissions just as you would elsewhere. This is because FME Server maintains directory server relationships between users and groups. For example, consider server directory User_1 who belongs to server directory Group_1. If you import User_1 as a user in FME Server, and import Group_1 as a role in FME Server, User_1 is automatically a member of the role Group_1 in FME Server.
To get started with Directory Servers
- Create a connection to your directory server.
- Using the connection, import Users and Groups from the directory server into FME Server.
To view or edit your Directory Server Connections
The Directory Server page displays basic information about your directory server connections, including the connection name, the directory server host name and port, and whether the connection is synchronized.
To view more information and edit the connection, click on it. The Editing page opens. The fields available to edit are the same as those for creating a connection.
To perform other tasks on Directory Server Connections
- To create a new connection, click Add.
- To remove one or more connections, check the corresponding box(es) and click Remove.
- To add users or roles from a connection, check the box beside the connection and click Browse Users or Browse Groups, respectively.
- To synchronize a connection, check the box beside the connection and click Synchronize. This action synchronizes the following:
- Relationships between users and groups. For example, consider User_1 who belongs to Group_1 in FME Server because of a corresponding relationship in the directory server. If that relationship is subsequently broken in the directory server, the relationship between User_1 and Group_1 will break in FME Server after the next synchronization interval. Likewise, if a directory server user changes groups, that change will synchronize in FME Server.
- Name changes to user accounts on the directory server.
Note: When synchronization occurs, FME Server ensures any directory server name change does not break the user's connection to FME Server. However, FME Server does not update the user's login name (Username) or display name (Full Name).
WARNING: You cannot remove an directory server connection without first removing any users you imported from the connection. You are prompted to remove users associated with the connection, and to transfer ownership of any items owned by these users to other users.
Note: If synchronization is already enabled for the connection (indicated by a green checkmark), synchronization is already occurring at specified intervals.
See Also