LDAP Authentication Mapping Question
Hi,
I am using Pega 7.2.0. Regarding LDAP authentication, I was wondering if the organization information (that can be specified on the LDAP 'mapping tab' is required for LDAP authentication or is it optional? (my LDAP environment is not yet setup for me to test this).
thanks for your help
Doug
thanks Chris, that answers it.
As a side question - when I access the Pega LDAP url, it appears the image and styling links are broken (as shown in attachment). Not sure if you have any idea why? (I noticed the same web issue when my pega academy session timed out).
This only occurs when you have the prconfig or DSS setting for Authentication/RedirectGuests set to "false" and are using Custom Authentication. You only set this configuration setting to false when using PRGateway application used for satisfying same domain origin policy when implementing a Mashup in PRPC 7.2 or lower.
If you are using PRGateway then I have a solution for you. If you are not using PRGateway set Authentication/RedirectGuests to "true"
Thanks,
Yes, I have PRGateway installed for mashups/IAC.
Doug
We should move this to a new post. Can you add a new question related to the login screen and I will put the answer there.
Thanks Chris,
I created a new post titled: 'Login Form Display Issue'
Doug
This is optional. The authentication activities use these for authentication.
Hi Doug,
The mapping of organization information is optional but if your using a OTB authentication activities like AuthenticationLDAP then you should also modify the activity AuthenticationLDAPVerifyCredentials. (AuthenticationLDAP calls AuthenticationLDAPVerifyCredentials.)
There is logic on AuthenticationLDAPVerifyCredentials that looks for organizational information passed in from LDAP mapping. This is in step 4 and used to dynamically create the Data-Admin-OperatorID record for users that don't yet have one using a model operator record referenced in the Organization Unit record.
The login activities like AuthenticationLDAP are starting points so you can of course modify these to fit your business needs. They are not final and it's expected some changes will be required.
--Chris