Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
English

Joget Enterprise license allows the administrator of Joget to manage users from the LDAP directory as well as the local Joget directory.


Table of Contents


Number of Users

LDAP directory manager, when configured, counts both the internal users and the LDAP users in ascending order alphabetically (when the plugin is used). So, an administrator of the system should be cautious while trying to import the users from LDAP, keeping in mind that the number of users does now not exceed the license value.

For Eg. Example : If a Joget user license is for 100 users and the number of internal users=35. Then admin should configure the LDAP plugin such that the imported users do now exceed 65.

Second Example :  The Joget user license for 25 users means that the first 25 usernames in ascending order can log in to Joget. A Joget license for 25 users means 25 active logins at a time, but only for the first 25 usernames in ascending order, regardless if the usernames are local users or connected to AD/LDAP, and it counts all usernames regardless of their active or inactive status in Setup Users.


For the trial license, there is a 3-user limitation: if you would like to perform tests on several test users, you will need to remove all the other users until your test user can be in the top 3 spots in the user list.


User Creation and deletion

If there's a new user in LDAP, it will be created in Joget user database.

To delete a user, you must delete from within Joget not from LDAP. If a user from LDAP is deleted from LDAP and does not exist anymore in LDAP but exists in Joget, then the user will get disabled/inactive in Joget, and it will never be deleted.
Here is the logic to this  event

Code Block
//set remaining user with password is null to inactive
        for (String username : userMap.keySet()) {
            User u = userMap.get(username);
            u.setActive(0);
            getUserDao().updateUser(u);
        }


For deleting user that is bounded to the "dir_employment" table by a foreign_key constraint, you can use these methods : 

Method 1 :

  • Use the "delete user" function built in from
joget
  • Joget admin menu.
it
  • It will do cascading delete that sequentially removes the correct entries needed from all the child tables first. (See figure 1)

Image Modified

Figure 1 : Delete User


Method 2 :

  • Disable the foreign key check temporarily to allow your cleanup script to work, then reenable it again afterwards. example sql to do so :


Code Block
Beginning of sql file: "set foreign_key_checks=0";

-- do your cleanup script here 

End of sql file: "set foreign_key_checks=1";


** Please note that tampering with the table structures and constraints should be used as a last resort measure as it might cause unexpected behaviour and issues. Please be sure that you have a backup available when performing this method.

User Monitoring         

This can be monitored by using the fields such as

User Base DN and User Import Search Filter.

User Base DN is used primarily to import users from the Base DN and all the directories under that DN. User import search filter. 

User Import Search Filter can be used to filter out users based on the requirement. For instance, the filter can be used to filter out all the users in the DN who doesn't have the username


Related Documentation

LDAP Directory Manager