You are viewing limited content. For full access, please sign in.

Question

Question

Purpose of "Show organization drop-down list" in STS?

Directory Server Administration Licensing
Updated October 3, 2022
asked on August 15, 2022

I am familiar with creating Organizations in LFDS to help manage licenses. We have used this in the past when different departments paid for their own licenses and used this functionality to keep track of who had what.

I am unfamiliar with why, on the STS login page, you would need to select a specific Organization though?

Just wondering if someone can explain to me the need or benefits of this feature?

0 0

Replies

replied on August 15, 2022 Show version history

My recollection is that each organization is a unique namespace for LFDS Laserfiche users.

As in, you can have two identically named Laserfiche users, "blake.smith" in Org 1 and "blake.smith" in Org 2 (implicitly, blake.smith@org1.lfds and blake.smith@org2.lfds if that helps). In that scenario, LFDS requires that you specify the Organization (namespace) so it knows which internal org subdirectory to perform the auth request againt.

For authentication purposes, LFDS Organizations are irrelevant to Active Directory users because their unique namespace is provided by the AD domain.

3 0
View 3 previous replies
replied on August 16, 2022

Thank you Samuel. I can honestly say that is the first time I can recall hearing that information.

0 0
replied on August 16, 2022 Show version history

You're quite welcome. The Venn diagram intersection of "customers who use Organizations" and "customers who use LFDS Laserfiche users at scale" is very, very small.

Most customers large enough to need to use LFDS Organizations for license tracking between departments/divisions/campuses/etc. are using AD or LDAP or SAML SSO where the LFDS Org namespace doesn't matter for authentication. 

0 0
replied on September 30, 2022

Samuel, just a follow up question to this. How do Groups within LFDS play into this? You can assign a group to an Organization in LFDS, but what does that do?

0 0
replied on September 30, 2022

My understanding is that it mostly has to do with security scopes on the Group objects, per the Organization Security tab shown in Managing Organizations.

You can, as far as I can tell, make users of one Org members of a Group in a different Org at the same level (e.g., both Orgs direct children of the Root Org).

0 0
replied on October 3, 2022

If you move a group from one organization to another and that group is used in /FormsConfig to give users permissions to access Forms, does moving the group change anything in Forms?

0 0
replied on October 3, 2022

No. Forms stores the LFDS group by its SID and moving an LFDS group from one Org to another does not change the SID. Only deleting and re-creating the group in LFDS would change the SID.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...