Before you can add your Web Community Manager website and LDAP Directory group cross-references, you create your categories and groups for your Web Community Manager website. You also need to create a passport with the extended privilege that enables LDAP Authentication.
- Create categories for each of your schools
- Manually create or import groups you need
- Add the categories to the groups
- Create your group cross-references
to create a blanket group mapping for all users and specify the LDAP enabled passport in the cross reference so that all LDAP authenticated users are assigned the passport when their account is created in Web Community Manager. This passport assignment from the group cross reference occurs once—when a LDAP Authenticated users sign in to Web Community Manager for the very first time.
Create a category
Use categories to create sets of groups. They are used to filter when selecting a group and are typically named by school buildings. For example, Happy Valley Elementary School, Happy Valley High School, and so on.
- From Site Manager select USERS & GROUPS.
- Select Groups.
- Select Categories.
- Select New Category.
- Type the Category Name.
* Use consistent naming conventions for your categories. For example, categories for schools in the Happy Valley School District might be named HVHS (Happy Valley High School), HVMS (Happy Valley Middle School), and HVES (Happy Valley Elementary School).
- Select Save.
Create a group with the category
Create groups to associate with the groups in your LDAP directory.
- From Site Manager select USERS & GROUPS.
- Select Groups.
- Select New Group.
- Type a Group Name.
- Optionally, type a Group Code.
- Select the group category from the Category menu.
- Select Save.
Create a passport with LDAP privileges
You must give users in your LDAP directory permission to sign in to your Web Community Manager website. All LDAP authenticated users are assigned this passport when their account is created in Web Community Manager.
- From Site Manager, expand USERS & GROUPS.
- Select Users.
- Select Passport.
- Select New Passport.
- Type the name and description for the new passport.
* Include LDAP in the name to make it easy to identify.
- Select Save.
- Find the passport and select the name to assign administrative privileges to it.
- Select Extended Privileges.
- Find the Allow user to sign in using LDAP privilege and select Inactive to activate it.
* This is what allows your Web Community Manager website to authenticate an existing user account user name and password against your LDAP Directory.
- Select Save.
Map cross references
Most users are organized into groups in your directory server. You should have similar groups on your website. When you map these groups together, you reduce the effort to maintain accurate memberships. A user who is part of the group in your LDAP server is assigned that mapped group in your website. A user removed from that group in your LDAP server is removed from that group in your website.
- From Site Manager, expand USERS & GROUPS.
- Select Settings.
- Select LDAP.
- Select the fully qualified domain name.
* If you don't see a domain name, add a domain.
- Select Group Cross Reference.
- Select New Cross Reference.
- Select the group you created in Site Manager from the Group menu.
- Select the LDAP directory group from the Group Distinguished Name menu.
* Members from this LDAP directory group are assigned to the group you created in Site Manager.
- Select the LDAP passport you created in Site Manager from the Passport menu.
* When LDAP Authentication creates a new user account in your Web Community Manager website, the passport specified here is assigned to the new user account. This assignment occurs once, on the initial creation of the account—that is, when a LDAP enabled user signs in to Web Community Manager for the very first time.
- Select Save.