BIMcloud Manager - LDAP Panel

The BIMcloud Manager is able to connect to one or more Directory Services and import users/groups from that server - all of them, or just a selection.

To keep the user/group information up to date, it is possible to set up regular and automatic synchronization with the Directory Services.

The LDAP Panel contains a list of the currently connected Directory Services. Use this panel to add/remove Directory Services, or to modify the settings and imported data for already existing ones.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//LDAPTab.png 

Connect to New Service

Click Connect to new service to bring up the Connection Panel.

Steps to set up a connection:

1.Create connection.

2.Set up the parameter mapping.

3.Filter the users and groups to be imported.

4.Modify the synchronization schedule.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//key00065.png Required permissions:

Simplified management: Server administrator

Detailed management: Modify details

Each step is detailed below.

Step 1: Create Connection

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//ServerConnectionData.png 

This step will establish the connection to the directory service.

Enter the following parameters (all parameters are required unless marked as optional):

Name: Enter a name for this directory service for easier identification. You will see this name in the list of the directory services, and users/groups will reference the directory service by this name.

Server address: The address of the directory service

Use SSL Connection.

Port: Port of the directory service.

User (optional): Authenticate with this user during connection. No authentication is used when left empty.

Password (optional): Use this password for authentication.

Base DN (optional): An LDAP search criterion used to narrow down the imported users/ groups.

After you have entered the parameters, push the Test connection button. If you get any error message, correct the parameters and/or make sure the server address is accessible from the BIMcloud Manager computer.

Step 2: Set Up Parameter Mapping

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//ParameterMapping.png 

The directory service will contain a large number of objects and parameters, so it is important to narrow down the imported elements. Because of the various setup options, even those directory services can be configured in different ways which use the same service engine.

We provide two built-in configuration schemes, which will work with the default settings, but it is likely that you will have to fine-tune their mapping parameters:

Active Directory

Open LDAP

Use the Directory type pop-up to enter the basic values of the selected service type (either Active Directory or Open LDAP).

Click the Preview button to see the result of the mapping and import. If you do not see the expected entries, then you must fine-tune the queries and mapping options.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//Preview.png 

Queries: the LDAP objects passing these queries will be handled as users and groups:

User query: All items which will pass through this LDAP query will be handled as users

Group query: All items which will pass through this LDAP query will be handled as groups. Enter the names of the LDAP parameters to map them to the BIMcloud’s user parameters. All parameters are required unless marked as optional.

Mapping: select the parameters of the objects passing the queries and map them to BIMcloud user parameters:

Group ID: unique ID for groups

Group name: Name of group

Members: comma-separated list of group members

User ID: unique ID for users

Login name: login name for the user

Parents: comma-separated list of parents

Full name: you can combine two LDAP parameters into a single user name (the second field is optional)

Email address: email address of user

Prefix for user/group names (optional): Prefix the name of all imported users and groups to avoid duplicate names

Click the Preview button to open a list and see the result of the Parameter mapping. If there is an error in the mapping process and some of the required fields remain empty, then those entries can’t be imported to the BIMcloud Manager. The rest of the items will be automatically imported during the first Synchronization.

Click Save to finalize the Directory Service connection settings.

Step 3: Filter Users and Groups to be Imported

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//FilterUsersSave.png 

If you do not wish to import all the users and groups who pass through the connection filter, then you can fine-tune the import process and select them individually or based on groups.

In the Filter users section, click Edit, and switch the Filter to “Import selected users and groups.”

Click the Select users and groups button and mark the users and groups you wish to import.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//ServerUserGroups.png 

Note: Only those users are listed here for which the parameter mapping created a valid result.

Click OK to close the selection dialog.

If you wish to automatically import all members of the selected groups (rather than selecting them one by one), activate the “Automatically include group members” checkbox.

Click Save to store your changes.

Step 4: Synchronization

Manual Synchronization

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//FilterUsersEdit.png 

Click the Sync button in the Filter users section to synchronize the directory service for the first time.

The synchronization process will start in the background. You can review the process status on the Server Messages dropdown at the top-left of the page.

You will be notified once the process is complete.

Set Up Regular Synchronization

It is a good practice to set up regular synchronization for the directory service to make sure all settings are always up to date: new users added and obsolete users removed from the BIMcloud.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//FilterUsersSave00066.png 

In the Filter users section, activate the checkbox “Regularly sync with Directory service”, then enter the interval in minutes. Click Save to store your changes.

Review Synchronization Results

The result of the automatic synchronization is logged. To review this log, select the directory service from the list and click the Details button. You will find the Sync history in the bottom section of the panel.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//SyncHistory.png 

Modify a Directory Service Connection

If something changes in the connection settings or you modify the filtering, select the directory service from the list and click the Details button.

Edit the required section and click Save again.

If the number of the imported users changes and some of them are removed because of the modifications, a confirmation dialog will pop up about how to handle removed users. You can decide between two options:

Remove them from BIMcloud: Removed users will be forced to leave their existing projects and all their unsent changes will be lost. (They can still save a Solo PLN from their local data folder on their local computer.)

See Force Leave User.

Keep them as BIMcloud users: Removed users will be kept on the user list.

Disconnect from a Directory Service

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//BIMcloudLicenseInfo.png 

Select the Directory service from the list and click Disconnect. The above described confirmation dialog will appear again.

Troubleshoot Connection

If there is an error in the synchronization, the process stops automatically and logs the error event into the sync history. The sync history also lists the errors that must be fixed in order to sync again. Users with View Item permission for the BIMcloud Manager will receive a warning about the synchronization error when they Log in to BIMcloud Manager.

https://helpcenter.graphisoft.com/wp-content/uploads/bimcloud-help//key00067.png Required permissions for all Directory Service functions:

Simplified management: Server Administrator

Detailed management: Modify details for BIMcloud manager