cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - When posting, your subject should be specific and summarize your question. Here are some additional tips on asking a great question. X

Filtering a Corpoate LDAP

ScottKeller
1-Visitor

Filtering a Corpoate LDAP

We are using a third party LDAP that is not AD. I do not have any control of the entries as it is controlled by another department.


Our LDAP contains a ton of entries that are related to contactors and machines that should not show up as windchill users.


The show up in my Principal Admin and in WTUser pull-down menus in workflow assignments.


Has anyone out there been able to filter out entries from a non-AD corporate LDAP?


Thanks in advance for any help or advice.


Scott Keller


Kensey Nash Corporation

4 REPLIES 4

Create an LDAP group that should contain only user's who should have access to Windchill. Something like "windchill-users". Then configure your Enterprise LDAP adapter to only retrieve users from that group.

com.steelcase.EnterpriseLdap.windchill.mapping.user.filter: memberOf=CN=windchill-usr-dev,OU=Windchill,OU=Applications,OU=Services,DC=na,DC=steelcase,DC=net

Patrick Williams | Engineering Systems | o: 616.698.3766 | c: 616.947.2110
[cid:image001.jpg@01CC3FBC.702D99E0]

A far simpler approach is to not touch Active Directory at all.

Instead, simply point Apache to active directory for the current correct password for each user account. This requires creating Windchill accounts in Windchill but frees the Windchill admin from caring about the corporate LDAP. We've been operating this way for 4 ½ years, with users at 11 different facilities around the world.
avillanueva
22-Sapphire II
(To:ScottKeller)

Us too. Anyone can knock but only a select can come in.


We have tried this a few times and have not had much luck. I think its because we are not using Active Directory.

Announcements


Top Tags