Management of users in Active Directory and LDAP
SealPath Enterprise let you manage internal and external users from these different sources:
- Users included in Active Directory.
- Users included in LDAP.
- Users included in a local database.
It is possible to have the internal users in one or several Active Directories or LDAPs and the external users in different ADs or LDAPs from the ones that contain the internal users.
In a typical deployment, the internal users are usually managed in AD/LDAP and the external users in SealPath's local database.
What advantages has integrating SealPath with AD/LDAP?
Working with AD/LDAP it is possible to:
- Use the domain credentials to work with SealPath.
- Protect documents for specific groups instead of doing it for individual users.
Provisioning users from AD/LDAP
To provision a user or a group of users in Company Users, SealPath will show you a view of the different Organizational Units, Groups, etc. Selecting them, we can provision them in the system.
In order to work with SealPath, it is necessary that the email a ttribute is filled in the AD. It is not necessary having an associated "mailbox", but it is required to have the email attribute configured since the SealPath's id for any user or group is the email. SealPath alert you when detects that some users in the AD have not this email attribute completed as it can be seen in the following figure:
It is simply necessary to select from the tree the users that we want to provision in the system.
By default all the provisioned users will have the "Protector" rol. This means that they can protect documents and access to them. It is possible to provision only "Consumers", that cannot protect, but can access to protected documents.
Clicking on "Create" we will have confirmed the provisioning of the new users.
Search users in AD/LDAP
SealPath allows you to search users or specific groups within Active Directory or LDAP. For this, you only need to use the search box.
Once we have the search results, it is only necessary to select the users to provision them in the system.
Select also if you want to provision the user as Protector or Consumer and click on "Create".
Edit user data
In order to edit the data of a user already provisioned, we just select this user in the list and click on "Edit". Wet can modify what we need from the user and save it again.