36
MIGRATING, INSTALLING, AND CONFIGURING ADOBE CONNECT 9
Deploying and configuring Adobe Connect
Last updated 6/23/2012
A user or group in an LDAP directory is called an entry. An entry is a collection of attributes. An attribute consists of
a type and one or more values. Types use mnemonic strings, such as
ou for organizational unit or cn for common
name. Attribute values consist of information such as phone number, e-mail address, and photo. To determine your
organization’s LDAP directory structure, contact your LDAP administrator.
Each entry has a distinguished name (DN) that describes a path to the entry through a tree structure from the entry to
the root. The DN for an entry in the LDAP directory is a concatenation of the name of the entry (called a relative
distinguished name, RDN) and the names of its ancestor entries in the tree structure.
A tree structure may reflect geographical locations or departmental boundaries within a company. For example, if
Alicia Solis is a user in the QA department of Acme, Inc. in France, the DN for this user might be as follows:
cn=Alicia Solis, ou=QA, c=France, dc=Acme, dc=com
Importing directory branches
When importing users and groups from an LDAP directory into Adobe Connect, you specify a path to a section of the
LDAP tree by using the DN of the section. This specifies the scope of the search. For example, you may want to import
only the users of a particular group within your organization. To do this, you need to know where the entries for that
group are located in the directory tree structure.
A common technique is to use the organization’s Internet domain as the root for the tree structure. For example,
Acme, Inc. might use
dc=com to specify the root element in the tree. A DN that specifies the Singapore sales office for
Acme, Inc. might be
ou=Singapore, ou=Marketing, ou=Employees, dc=Acme, dc=com. (In this example, ou is an
abbreviation for organizational unit, and
dc is an abbreviation for domain component.)
Note: Not all LDAP directories have a single root. In this situation, you can import separate branches.
Importing users and groups
There are two ways of structuring user and group entries in an LDAP directory: under the same node of a branch or
under different branches.
If users and groups are under the same node in an LDAP branch, user and group settings for importing entries contain
the same branch DN. This means that when you import users, you must use a filter to select only users, and when you
import groups, you must use a filter to select only groups.
If users and groups are under different branches in the tree, use a branch DN that selects the user branch when you
import the users and the group branch when you import the groups.
You can also import sub-branches to import users from all branches below a certain level. For example, if you want to
import all the employees in the sales department, you might use the following branch DN:
ou=Sales, dc=Acme, dc=com
However, salespeople might be stored in sub-branches. In that case, on the User Profile Mapping screen, set the
Subtree Search parameter to
true to ensure that users are imported from the sub-branches below that level in the tree.
Filtering selected entries
A filter specifies a condition that an entry must satisfy to be selected. This restricts the selection of entries within a part
of the tree. For example, if the filter specifies
(objectClass=organizationalPerson), only entries that have the
attribute
organizationalPerson are selected for import.
Note: The attribute objectClass must be present in every entry in a LDAP directory.