TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Authentication and User Directory<br />
<strong>Server</strong> supports MemberOf<br />
Group synchronization<br />
Synchronization schedule<br />
User search filter<br />
Username attribute<br />
Group name attribute<br />
Group search filter<br />
Most LDAP servers store all groups a user is a<br />
member of in the user object. This is how the <strong>Spotfire</strong><br />
system finds members of groups to synchronize. Some<br />
LDAP implementations, however, do not support this<br />
feature. To perform group synchronization with these<br />
LDAP servers, the <strong>Spotfire</strong> system will have to search<br />
within the group to synchronize for its members, and<br />
then perform a second search to find the correct<br />
username attribute for the user. This will increase<br />
traffic immensely between the <strong>Spotfire</strong> system and the<br />
LDAP server, and should only be used if you need<br />
group synchronization and your LDAP server does not<br />
support the MemberOf attribute. Note that the major<br />
LDAP implementations from Microsoft and Sun do<br />
support MemberOf. If unsure, select Yes. See also the<br />
option Member attribute.<br />
This option specifies which groups should be<br />
synchronized.<br />
This options specifies how often groups should be<br />
synchronized. For instance, if you want to synchronize<br />
groups every Monday at 09:00, the schedule should<br />
read "0 9 * * Monday".<br />
This syntax is a subset of crontab syntax. Specifically,<br />
"/" (slash) is not supported in any field. For more<br />
information about crontab syntax, see the Wikipedia<br />
article http://en.wikipedia.org/wiki/Cron and any of<br />
the pages it refers to.<br />
To further limit what part of the LDAP directory tree is<br />
searched for users, you can add additional search<br />
filters in addition to Context above.<br />
In an LDAP Directory, a number of attributes are<br />
stored for each user. The actual username can be called<br />
different things on different brands of LDAP servers.<br />
If you select one of the LDAP directory server types<br />
listed under <strong>Server</strong> Type, this option will be preselected,<br />
but if you use a custom LDAP directory<br />
server you need to specify which user attribute is the<br />
username.<br />
As with Username attribute, this option specifies<br />
which attribute is the group name.<br />
To further limit what part of the LDAP directory tree is<br />
searched for groups, you can add more search filters in<br />
addition to Contexts above.<br />
82 (144) <strong>TIBCO</strong> <strong>Spotfire</strong>® <strong>Server</strong> <strong>3.2.2</strong>