Modify LDAP Identity Provider | Proficy Authentication 2022 Documentation

Log in to Configuration Hub as an administrator.

Go to Proficy Authentication > Security > Identity Provider.

The existing list of identity providers appear.

Select the LDAP identity provider.

The existing information for the identity provider appears on the DETAILS panel.

Select

to display the details in a pop-up screen.

The LDAP Identity Provider screen appears.

You can modify the existing information and save the changes.

To modify existing search criteria values, place your cursor and enter the new value for the respective criteria.

Use these settings to enable the sub-directories in your search criteria.


Search Criteria	Example Value	Description
Group Base	`OU=Sales,OU=Groups,OU=Enterprise,DC=company,DC=com`	Defines the starting point for the LDAP group search in the active directory tree. CN=Common Name. DC=Domain Component. OU= Organization Unit Name. The CN and DC is typically required, and the OU is optional. If you use only `DC=Ge,DC=com`, timeout may occur due to slow system response. Use the exact `OU` to avoid timeout.
User Base	`OU=Sales,OU=Users,OU=Enterprise,DC=company,DC=com`	Defines the starting point for the LDAP group user search in the active directory tree. If you use only `DC=pa,DC=com`, timeout may occur due to slow system response. Use the exact `OU` to avoid timeout.
User Filter	`cn={0}`	Allows the LDAP user (active directory user) to login with their display name. This is field is populated by default.
User Filter	`sAMAccountName={0}`	Allows the LDAP user (active directory user) to login with their account name (Windows login name). This is field is populated by default.
Group Filter	`member={0}`	Retrieves the `memberOf` attribute values for the specific user. This is field is populated by default.
Max Filter	`10`	Defines the maximum depth for searching the LDAP groups. The default value is `10`. For very large systems, set the value to `2` as it may impact system performance.