How to configure LDAP Adapter Publication service to publish changes in a Microsoft AD LDAP group.
Article ID: KB0076989
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks Plug-in for LDAP | 6.1.1 |
Description
The LDAP Adapter publication service supports the following LDAP operations:
INSERT, UPDATE, DELETE, and MODIFY DN. Changes made through the INSERT, UPDATE, DELETE, and MODIFY DN operations on the LDAP server are picked up by the adapter and published.
Some customers have requirement to use Publication service to pick up and publish changes made to the members of a AD Group. For example, we have a AD group called "Group" at CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com, we also have two members "User1" and "User2" at CN=Users,DC=corp,DC=tibco,DC=com. The "User1" is the member of the "Group". The requirement is, when there is any changes in "User1", or any other members of the Group, the Adapter should be able to pick up and publish the changes.
INSERT, UPDATE, DELETE, and MODIFY DN. Changes made through the INSERT, UPDATE, DELETE, and MODIFY DN operations on the LDAP server are picked up by the adapter and published.
Some customers have requirement to use Publication service to pick up and publish changes made to the members of a AD Group. For example, we have a AD group called "Group" at CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com, we also have two members "User1" and "User2" at CN=Users,DC=corp,DC=tibco,DC=com. The "User1" is the member of the "Group". The requirement is, when there is any changes in "User1", or any other members of the Group, the Adapter should be able to pick up and publish the changes.
Issue/Introduction
How to configure LDAP Adapter Publication service to publish changes in a Microsoft AD LDAP group.
Environment
Operation Systems: All
Resolution
In this case customer can configure the Publication service Filter like below:
============
(memberOf=CN=Group,CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com)
============
And in Base DN, customer can configure below:
============
CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com
Or
DC=corp,DC=tibco,DC=com
============
When we modify the "User1", the LDAP Adapter Publication service will pick up and publish the change event. If we modify the "User2", the Publication service will not publish any event because "User2" is not the member of the Group.
============
(memberOf=CN=Group,CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com)
============
And in Base DN, customer can configure below:
============
CN=Managed Service Accounts,DC=corp,DC=tibco,DC=com
Or
DC=corp,DC=tibco,DC=com
============
When we modify the "User1", the LDAP Adapter Publication service will pick up and publish the change event. If we modify the "User2", the Publication service will not publish any event because "User2" is not the member of the Group.
Feedback
Yes
No
Powered by
