Configuring an address book for LDAP

For FootPrints to access an external LDAP contact database, you must configure the connection settings. For a list of commonly used LDAP attributes and the field names associated with them, see List of LDAP attributes that FootPrints supports.

To create an address book using LDAP

1. Open the address book and contact item that you want to configure:
   
   1. Click the Administration tab.
   2. In the Address Books section, click the address book name or click Manage to open the Address Book Administration page. Then, double-click the address book.
      The Address Book details page appears.
   3. In the left pane, click Contacts.
   4. Double-click the contact item.
      The Item details page appears. 
2. In the left pane, click Address Book Options.
3. Select LDAP.
   The Configure External Source button becomes active.
4. Click Configure External Source.
5. Enter the LDAP server information as follows:

   1. In the LDAP Server Address field, enter the fully qualified domain name or IP address of the LDAP server for this address book.

      Note

      When you try to connect to an LDAPS server using the IP address of the LDAP server, you might get an error. This happens because of security changes in Java. For more information, see Knowledge Article 184478 .

   2. In the LDAP Server Port field, enter the port number for the server.
      The default value of 389 can be used for unsecured connections.
   3. In the Last Name of Person in the Directory field, enter the last name (surname) of a contact in the LDAP directory that FootPrints can use to test the connection to your LDAP server.
   4. In the LDAP Base DN field, enter the distinguished names for this server, one on each line.
6. In the Authentication Login Information section, if the server does not allow anonymous binding, enter the Distinguished Name and Password for connecting to this server.
   The distinguished name is generally in the following format:
   cn=<userID>,ou=organization,o=company
   where <userID> is the ID for the account used for binding, followed by a comma, and then the search base.
   For Active Directory, the distinguished name might be: 
cn=Administrator,cn=Recipients,ou=organization,o=company
   For Active Directory 2010, the distinguished name might be: 
cn=Administrator,cn=Users, DC=NTdomain,DC=internetName,DC=com
7. (Optional) In the Available LDAP/Exchange/Active Directory Attributes field, review the list of fields available in LDAP after the connection is established.
   This field is read-only. For a list of commonly used LDAP attributes and the field names associated with them, see List of LDAP attributes that FootPrints supports.
8. Enter LDAP security details:
   1. In the LDAP Security Type field, select the type of security used for this server.
      Options are None, LDAPS, and Start_TLS.
      If you select LDAPS or Start_TLS, additional fields appear for providing certificate ensure that you use the correct Port for these options.
   2. In the Certificate Verification field, select the level of verification.
      Options are Required (most secure), Optional, and None.
   3. Click Browse to select the certificate file.
9. Click Connect.
   The system attempts to connect to the LDAP server. If the system is successful, the Map LDAP Fields section becomes active.

10. Map the LDAP source fields to the Footprints Address Book Fields by clicking a cell in the LDAP Fields column and selecting the matching field.

11. Click Save.

12. Publish the address book to implement your changes:

    1. In the breadcrumb trail, click the Address Book link.

    2. Click Save and Publish.

       A confirmation message appears.

    3. Click Yes.

       The Publication Succeeded message appears, showing the number of errors and warnings.

Next steps

Configuring contact items

Configuring Master Contact records