探花大神

Prerequisites:听

• See聽Use Cloud LDAP聽to obtain the 探花大神 specific settings required below.

Okta LDAP Agent Configuration

When using the聽聽here are the basic settings to configure authentication with 探花大神's hosted LDAP service:

• LDAP Server:听濒诲补辫.箩耻尘辫肠濒辞耻诲.肠辞尘
• Root DN:听ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
• Bind DN:听uid=LDAP_BIND_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
• Bind Password:听尝顿础笔冲叠滨狈顿冲鲍厂贰搁冲笔础厂厂奥翱搁顿
• Use SSL connection:聽Enable for SSL聽

LDAP Configuration Settings in Okta

Version

• LDAP Version:听OpenLDAP

Objects

• Unique Identifier Attribute:听entrydn
• DN Attribute:听entrydn

Users

• User Search Base:听ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
• User Object Class:听inetorgperson
• User Object Filter:听(objectclass=inetorgperson)
• Account Disabled Attribute:听pwdlock
• Account Disabled Value:听true
• Password Attribute:听userpassword

Group

• Group Search Base:听ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
• Group Object Class:听groupofnames
• Group Object Filter:听(objectclass=groupofnames)
• Member Attribute:听member
• User Attribute:听memberof

Role

• Object Class:听groupofnames
• Membership Attribute:听memberof

Validating Configurations

• Okta username format: email
• Example username: [email protected]

Example of聽 a Successfully Validated聽Configuration

Importing Users into Okta from 探花大神 via LDAP

Once you've configured Okta LDAP's Directory Integration and LDAP Agents, the next step is to import Users from 探花大神. 

To import users into Okta from 探花大神:听

1. Navigate to Directory Integrations and select the newly configured LDAP Directory Integration you've just configured in the steps above. 
2. Select the Import 迟补产.听
3. Click Import Now.
4. A pop up modal will appear, allowing you to select Incremental or Full. This will be based on how you would like to import users. To start or test the import, select Incremental.听
5. Click Import.
6. You'll see the number of Users and Groups that have been scanned from your 探花大神 organization that have been bound to 探花大神 LDAP.
7. You can then select the users you'd like to import into Okta from 探花大神 from this list. 
8. When you're ready to import these selected users, select Confirm Assignments.

Once you've imported your users from 探花大神 into Okta via LDAP, you should see these Users within the People tab within the Okta LDAP Directory Integration within Okta's admin portal.

Troubleshooting

If the error聽Could not find a value for the BaseSubstitutionProperty on the User result聽is received, perform the following steps to resolve:

1. During initial configuration, remove the memberOf value for the Groups > User Attribute configuration and leave the field blank.
2. After the configuration is successfully saved, this value may then be re-input as per the configuration listed below.
3. If the verification test continues to fail after replacing the memberOf attribute within the configuration, then confirm that your LDAP Users have been associated with an LDAP-enabled group as the query performed by Okta requires the attribute to be present in the user object during the verification.