Back

Usage

Once the LDAP Adapter is configured properly, the basic workflow for user account setup and activation is specified below, in the form of a brief overview for reference, as well as a more detailed demonstration.

Note

The steps on this page assume the LDAP Adapter has been properly configured. If this is not the case, please reference the Configuration, or if you need assistance reference the support documentation, Support.

Important

By default, all LDAP Users are intentionally locked when they first attempt to login. This is done to allow the Soltra Administrator to specify the new user’s organization and TLP settings, as well as internally validate that the new user in question is authorized to access Soltra Edge. Once a user is ready to be enabled, the Soltra Administrator must visit the new user’s profile, navigate to the Access tab on the left of the page, uncheck the Locked User checkbox, and click the Update button to apply the settings. Until these steps are performed the user will be unable to login to Soltra Edge. See the figure below of the Access section of a user’s profile.

Unlock User Account

Figure 5. Unlock User Account Example

Brief Reference

The steps to adding an LDAP user once the LDAP configuration is set are as follows:

  1. LDAP User attempts to login to Soltra Edge via web interface
  2. LDAP User, after providing valid credentials, is notified that account is locked until Soltra Administrator enables the account
  3. Soltra Administrator is notified via internal messaging system within Soltra Edge that a new LDAP user has #ttempted to login
  4. Soltra Administrator navigates to LDAP User’s profile, either via link in message or navigating to the User #ection of the Admin interface (Admin -> User)
  5. Soltra Administrator navigates to Access tab on left of page (see attached screenshot for reference)
  6. Soltra Administrator unchecks “Locked User” setting
  7. Soltra Administrator clicks “Update” button that is immediately below the “Locked User” checkbox
  8. LDAP User can now login to the system

Detailed Overview

Adding LDAP Users

1. In the example below, Alice does not yet have a Soltra Edge account. She does have:

  • an LDAP account with username “alice”
  • an Edge Instance has the LDAP Adapter installed
  • the LDAP Adapter configured for her LDAP
Administrator Creates Account on LDAP/Active Directory Server

Figure 6. Administrator Creates Account on LDAP/Active Directory Server

2. Alice logs into Soltra Edge using her LDAP credentials.

User Login

Figure 7. User Attempts Initial Login

3. Alice is notified that an Admin needs to approve her. The Admin needs to set Alice’s access-controls before she can use Soltra Edge.

User Receives Notification

Figure 8. User Notified Administrator Unlock and Setup Account

Authorizing LDAP Users

4. The Administrator gets a notification about Alice’s login and is notified they must unlock the user account to allow Alice to login.

Administrator Receives Notification - Account Setup

Figure 9. Administrator Set User Profile Permissions

5. The Admin sets permissions for Alice just like any other user. As a non-local user, she authenticates via LDAP rather than the local user database. Her access controls are stored in the local user user database like local users.

Administrator Set User Profile Permissions

Figure 10. Administrator Set User Profile Permissions

6. Admin unlocks the user, sets permissions (TLP, staff, etc.) and saves the User changes.

Administrator Set User Profile Permissions - Confirmation

Figure 11. Administrator Set User Profile Permissions - Confirmation

7. Now Alice is able to log in using her LDAP username and password, with the specified permissions set by the administrator.

User Successful Login

Figure 12. User Completes Login

 

For more information, join the conversation in the CTX/Soltra Edge Forums at forums.soltra.com.