Remove Mapping Between Historian Proficy Authentication Groups and LDAP Groups

About this task

If you want to stop users from an LDAP group from using Historian Web-based Clients, you can remove the mapping between the Proficy Authentication group of Historian and LDAP. If you want to stop integration between the Historian Proficy Authentication and LDAP altogether, you must remove the mapping for all the groups of the Proficy Authentication instance.

Procedure

  1. Double-click the Proficy Authentication IdP Configuration tool icon (), and log in the Proficy Authentication client ID and secret.
    Tip: By default, this icon appears on the desktop after you install Web-based Clients.
    The Identity Providers page appears.
  2. Select the Map Existing Proficy Authentication Groups check box.
  3. In the Proficy Authentication Connection section, provide values as specified in the following table.
    Box Description
    URL Enter the authorization server URL of the LDAP server. For example: https://localhost/
    Client ID Enter the Proficy Authentication server client ID. The default value is admin.
    Client Secret Enter the client secret value that you provided in the User Account and Authentication Service page while installing Web-based Clients. If you use an external Proficy Authentication, enter the client secret of the external Proficy Authentication.
  4. Select Test.
    If connection to the Proficy Authentication server is established, a message appears, confirming the same.
  5. In the LDAP Connection section, provide values as specified in the following table.
    Box Description
    URL Enter the base URL of the LDAP server (for example, ldap://localhost).
    Bind User DN Enter the distinguished name of the bind user (for example, cn=admin,ou=Users,dc=test,dc=com).
    Password Enter the password for the LDAP user ID that searches the LDAP tree for user information.
    User Search Filter Enter the starting point for the LDAP user search in the directory tree (for example, dc=developers,dc=com).
    User Search Base Enter the subdirectories to include in the search (for example, cn={0}).
    Group Search Filter Enter the starting point for the LDAP group search in the directory tree (for example, ou=scopes,dc=developers,dc=com).
    Group Search Base Enter the subdirectories to include in the search (for example, member={0}).
  6. Select Test, and then select Submit.
    If connection to the LDAP server is established, a message appears, confirming the same.
  7. Select Test again, and then select Continue.
    In the LDAP Mapping section, the drop-down list box contains a list of groups in Historian Proficy Authentication. In the Filter box, a list of LDAP groups appears.
  8. In the drop-down list box, select the Historian Proficy Authentication group whose mapping you want to remove.
    In the Filter box, check boxes for the Proficy Authentication groups that are mapped to the selected Historian Proficy Authentication group are selected.
  9. In the Filter box, clear the check boxes corresponding to the LDAP groups for which you want to remove the mapping.
  10. Select Map Members.
    The mapping between the Proficy Authentication groups of Historian Proficy Authentication and LDAP is removed.
  11. Repeat steps 8 through 10 for all the Historian Proficy Authentication groups for which you want to remove the mapping.

Results

Mapping between the Proficy Authentication Groups of Historian and LDAP has been removed.