cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

We are happy to announce the new Windchill Customization board! Learn more.

Filtering a Corpoate LDAP

ScottKeller
1-Newbie

Filtering a Corpoate LDAP

We are using a third party LDAP that is not AD. I do not have any control of the entries as it is controlled by another department.


Our LDAP contains a ton of entries that are related to contactors and machines that should not show up as windchill users.


The show up in my Principal Admin and in WTUser pull-down menus in workflow assignments.


Has anyone out there been able to filter out entries from a non-AD corporate LDAP?


Thanks in advance for any help or advice.


Scott Keller


Kensey Nash Corporation

4 REPLIES 4

Create an LDAP group that should contain only user's who should have access to Windchill. Something like "windchill-users". Then configure your Enterprise LDAP adapter to only retrieve users from that group.

com.steelcase.EnterpriseLdap.windchill.mapping.user.filter: memberOf=CN=windchill-usr-dev,OU=Windchill,OU=Applications,OU=Services,DC=na,DC=steelcase,DC=net

Patrick Williams | Engineering Systems | o: 616.698.3766 | c: 616.947.2110
[cid:image001.jpg@01CC3FBC.702D99E0]

A far simpler approach is to not touch Active Directory at all.

Instead, simply point Apache to active directory for the current correct password for each user account. This requires creating Windchill accounts in Windchill but frees the Windchill admin from caring about the corporate LDAP. We've been operating this way for 4 ½ years, with users at 11 different facilities around the world.

Us too. Anyone can knock but only a select can come in.


We have tried this a few times and have not had much luck. I think its because we are not using Active Directory.

Top Tags