How to set up Automatic Sync for LDAP?

3 minute read time.

Two years ago, I posted a blog entry for how to setup LDAP in V7 here.

Since then things have changed and new features were added.

But on this blog, I would like to briefly show the changes that were offered as part of U9P5 and higher.

Before we start, a suggestion would be to review the course What is new in V11 and the course titled “Update users from the LDAP directory “ offered through Sage University.

Starting with Product update 9 P5, you can set up your LDAP Sync to run automatically in such a way that a Web server user with proper group and a matching folder user with proper Functional authorization will get created for you.

In order to accomplish the above, the steps below are needed. (Please review the original blog entry, since in the scope of this entry I am not discussing the existing fields that was discussed on the previous blog post)

  1. Open Administration, Administration, Settings, Authentication, LDAP servers. 
  2. Create a new LDAP server (most settings are similar to the original blog), I have highlighted two new section that is important, which you can review the online help for definition of these new fields.



  3. Click Save and return to the main landing page.
  4. After creating the above LDAP server entity open Setup, Users, Trade profile.
  5. Create a new Trade profile for a combination of a menu profile and Function profile, we will be using this Trade profile for the folder user that will be created automatically.



  6. Open Administration, Administration, Endpoints, Endpoints.
  7. Edit your endpoint and add the Menu profile and trade profile that will be used according to each role.



  8. Now open Administration, Administration, Groups and edit the group that will be used for the Synced users. A new field is added that will let you map an X3 group to a LDAP group. 



  9. After all the above setup is set, go to your Active directory and create a new user that is part of the LDAP group (that you have a matching one to X3)



  10. Now you can test the Sync manually. Open Administration, Administration, Settings, Authentication, LDAP servers and click on the LDAP server you have created already and select Update users from LDAP.



  11. This will show the result that your new user was created in X3.

  12. Finally, in order to setup a schedule so that the Sync happens automatically: Open Administration, Usage, Automate, Scheduler and create a new Automation Schedule.



  13. Enter a name and click on the Plus sign to add an event.



  14. Click on the down arrow key to view and set the date and time.



  15. Click Save and go back to the landing pages.
  16. Open Administration, Administration, Settings, Authentication, LDAP servers and click on the LDAP server you have created already and select Schedule user updates.



  17. Select the automation schedule that you have previously defined and click on OK button.




Conclusion: You can set up Automatic LDAP Sync such that for any new user a matching web server user and folder user will get created.

Parents
  • Dear Esfahani,

    Hope this email finds you well.
    I have created LDAP server ( Connection was successful and i get all the users from my Active Directory when i click update users .. ).
    The problem i faced :
              1- the login in screen is yet showing username and password, it will not direct me through the page by using Single Sign On.
              2- I have another server with Sage X3V11, i copied the same settings that i used in LDAP at the Sage X3V7 but it didn't work                           properly.

    Any suggestions for the above.
    Thank for your support.

    Abed Darwish

  • Hello,  

    For your first question, LDAP on V7 and higher are not Single sign on , so users still need to enter username and password but with the remember me setting, you can provide a similar functionality.

    For your second question, please provide some details on what is not working.

    Regards,

  • Dear Sir,

    We are working on a project that uses SSO authentication, the user just login at windows with his credentials, and after that he enters the url ( https with port 8125 not 8124), then SSO authentication will be shown.
    The project uses SAGE X3U9 ERP.
    Is they are using different type or a third party.

    Why LDAP server is found at the administration , and after you define it , it will update all the users from Active Directory.

    Any Updates for the above? 
    I am using X3V11.

    Thank you for your support.
    Abed Darwish

Comment
  • Dear Sir,

    We are working on a project that uses SSO authentication, the user just login at windows with his credentials, and after that he enters the url ( https with port 8125 not 8124), then SSO authentication will be shown.
    The project uses SAGE X3U9 ERP.
    Is they are using different type or a third party.

    Why LDAP server is found at the administration , and after you define it , it will update all the users from Active Directory.

    Any Updates for the above? 
    I am using X3V11.

    Thank you for your support.
    Abed Darwish

Children
  • Hello,

    I am not sure , I am following what your question is,

    If you setup LDAP, then when the users go to X3 URL, they will get prompted for a user and password which then they will enter their active directory user and password and then they can login, optionally they can choose to save the password , which then it automatically prefills next time.

    Regards,