Consulting

Strategy Workshop

A three-session workshop based on the Intrafocus Strategic Planning Process (SPP)

Balanced Scorecard Certification

A five-day master class and certificate as a Balanced Scorecard Professional

Strategic Planning Resources

If you like our free strategy resources then join the Intrafocus Academy for additional material

Strategic Plan Audit/Review

Let us take a look at your strategic plan to check it contains all the elements needed in a good plan

Resources

Strategic Planning Process (SPP)

Our next generation Strategic Planning Process based on the Balanced Scorecard Methodology

Blog - Intrafocus Insight

New articles published every two weeks, join our mailing list and keep up

Free Strategy Resources

A library of resources for anyone interested in strategic planning and KPI management

Our Customers

Don’t take our word for it, see what the Intrafocus customers have to say.

Software

KPI and Strategy Software

Intrafocus is an EMEA authorised reseller of Spider Impact® from Spider Strategies®.

Spider Impact Video Guides

From getting started all the way through to integration to back-end systems. 

Spider Impact User Guides

A complete set of user guides. Everything you have ever wanted to know from A to Z.

Strategic Plan Generator

Use this application to guide you through creating your strategic plan – lots of examples to look at.

Contact and Help Desk

If you have any questions or need some help or guidance, you can contact us at any time.

LDAP Authentication

You are here:
Estimated reading time: 2 min

QuickScore and Scoreboard can be linked to any LDAP server(s) for user authentication. This authentication is for user/password validation only. Authorization (i.e. group memberships and permissions) are still managed within the application. The application has been successfully tested with OpenLDAP and Microsoft Active Directory and should work with any LDAP server including Apache Directory Server, IBM Tivoli Directory Server, and Oracle Internet Directory.

OpenLDAP Setup

Linking QuickScore or Scoreboard to an OpenLDAP server simply requires knowing the Distinguished Name (DN) for the directory holding the users, and the attribute to identify the user (typically “uid” or “cn”). In order for the LDAP authentication to succeed, the user must first be entered into the Users section of the QuickScore or Scoreboard application. The username in QuickScore or Scoreboard must match the value of the attribute used to identify the user.

Active Directory Setup

To enable LDAP authentication with Active Directory in QuickScore or Scoreboard, the users must be set up in a Domain Controller running Windows Server 2000, 2003, 2008, etc. The users should be part of the “Users” group and must not be set to change password at next login. For the Base, take the fully qualified domain name of the Domain Controller and the Container with the appropriate attribute labels for each level. For example, a Domain Controller “spiderstrategies.com” handling accounts in the “Users” group would be identified by separating out each element of the domain name “dc=spiderstrategies,dc=com” and adding the Container “ou=Users”, for an LDAP Base of “ou=Users,dc=spiderstrategies,dc=com”

Within the application, an administrator must first add user accounts to the software. After these initial user accounts have been added, the administrator can then enable “LDAP” authentication on the Administration > Application Administration screen. Once LDAP is enabled, a button will appear to add a connection to an LDAP server. It is possible to add multiple LDAP server connections for cases where (1) users are spread across multiple LDAP systems or (2) users are located in different Base locations within an LDAP server. Example connection settings for an Active Directory server are shown below.

User group and permission settings within QuickScore or Scoreboard are established within the application and are not related to LDAP group or permission settings. Integration with LDAP establishes the authentication, but authorization is handled internally. To set up groups and permissions, see the QuickScore or Scoreboard administration Groups section of the application.

For LDAP authentication, the user still logs in via the standard login screen.  Behind the scenes, the username/password is validated against Active Directory.

Advanced Tips

For easy browsing of any LDAP Server to confirm settings, try the open source tool JXplorer available at: Sourceforge

Was this article helpful?
Dislike 0
Views: 46