You are viewing limited content. For full access, please sign in.

Question

Question

How Do We Synchronise SAML Users to LFDS in Same Way As With Windows AD?

Laserfiche Forms Directory Server Version 10 Security
Updated August 1, 2018
asked on July 31, 2018

Our client has set up the SAML connection as an identity provider and would like to synchronise the users to LFDS like they do with AD (by setting the Rules in the Windows AD settings page). They can see how they add SAML users individually, but this surely cannot be the only way that users are added.

 

They have assigned the group that all SAML users are in to an LFDS but we doubt that is how your synchronise users considering that licences cannot be defined for the individual users (Windows AD rules allow the licences to be defined when the user is synchronised).

 

Thank you for you assistance.

3 0

Replies

replied on August 1, 2018 Show version history

Currently, the method recommend for adding many SAML users is to use the CSV import option. As we expand our support for SAML providers and our SAML features, we are aiming to reduce manual work for user licensing.

Unlike Windows AD, SAML does not have a standard method for retrieving users that belong to a group or even what the underlying directory looks like, so the just adding same type of synchronization is not possible.

What SAML provider(s) are you working with?

We are exploring several options, but knowing what SAML providers are used by customers helps us focus our efforts.

2 0
replied on August 1, 2018

For me Azure.

In Azure Active Directory, create a new Enterprise Application pointing to LFDS and configuring SSO using SAML.

1 0
replied on July 31, 2018

Hi Lindsay, i'm facing the same issue with the synchronization. We are adding the users manually at this moment...so we are waiting for the answer too...

But talking about SAML do you found any documentation to achieve that configuration working with DS...? I had to configure saml for azure but practically all my time was try and fail...now i have my web users working but winclient users dont so i dont know if in any of my test i did something wrong...

Thanks for your help.

1 0
replied on July 31, 2018

I cannot say I have any answers for you on that front -- doubly so because the client is doing a lot of the leg work for this part of the installation so we are not receiving the experience.

 

You can try automating workflow to synchronise the users to the LFDS database but come on, sure that is not the answer…

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...