Viewing ldap synchronization policy details – H3C Technologies H3C Intelligent Management Center User Manual
Page 377
359
To clear the query criteria, click Reset. The synchronization policy list displays all LDAP
synchronization policies.
Viewing LDAP synchronization policy details
The Sync Policy Information page contents vary with the policy synchronization object: Access Users or
Device Users.
Viewing policy information whose Sync Object is Access Users
To view detailed information about a synchronization policy whose Sync Object is Access Users:
1.
Access the LDAP synchronization policy list page.
2.
Click the name of an LDAP synchronization policy whose Sync Object is set to Access Users.
The Sync Policy Information page appears.
Sync Policy Basic Information area
{
Policy Name—LDAP synchronization policy name.
{
Server Name—LDAP server name.
{
Base DN—Absolute path of the base directory that stores user data in the LDAP server.
{
Sub-Base DN—Absolute path of the subdirectory that stores user data in the LDAP server. UAM
synchronizes only the user data under the specified subdirectory from the server.
{
Filter Condition—Filter criteria for the synchronization policy. Only users that meet these criteria
can be synchronized to UAM.
{
States—Policy usability state: Valid or Invalid.
{
Synchronization Priority—Priority of the LDAP synchronization policy. Synchronization policies
with higher priority values are executed first in a scheduled synchronization task.
{
Auto Synchronization—Automatic synchronization status.
−
If this option is enabled (Yes), UAM automatically executes the synchronization policy every
day as scheduled. The execution time depends on the system settings for scheduled daily
tasks.
−
If this option is disabled (No), UAM performs synchronization on an as needed basis.
{
Synchronize Users as Needed—You can enable this option to save user account licenses.
−
If this option is enabled (Yes), UAM synchronizes a new user from the LDAP server only after
the user passes authentication.
−
If this option is disabled (No), UAM synchronizes all the matching users from the LDAP
server.
{
Synchronize New Users and Accounts—If this option is enabled (Yes), UAM synchronizes users
that are not in the IMC platform's user database from the LDAP server, adds these users to the
IMC platform and creates associated access user accounts in the UAM database. If this option
is disabled (No), UAM does not synchronize users that are not in the IMC platform.
{
Synchronize New Accounts of Existing Users—If this option is enabled (Yes), if a user exists both
in IMC platform's user database and the LDAP server, but does not have an access account in
UAM, during synchronization, UAM adds associated access account for this user to its database.
If this option is disabled (No), UAM does not add access accounts for such users.
{
Synchronize Users in Current Node Only—If this option is enabled (Yes), UAM synchronizes
users directly under the specified sub-base DN, but does not synchronize users in any OU under