4.1 Adding an LDAP Directory as a User Source

4.1.1 Prerequisites

Your ZENworks Management Zone must be connected to the LDAP directory that is your mobile device users’ primary authentication source and the connection must be configured to allow username/password authentication.

4.1.2 Procedure

  1. On the Getting Started with Mobile Management page, click User Sources to display the Configuration page. Alternatively, in the left-hand navigation pane of ZCC, click Configuration and navigate to the User Sources section.

  2. In the User Sources panel, click New to launch the Create New User Source Wizard.

  3. On the Connection Information page, define the following connection information, then click Next:

    • Connection Name: Specify a descriptive name for the connection to the LDAP directory.

    • Address: Specify the IP address or DNS hostname of the server on which the LDAP directory resides.

    • Use SSL: By default, this option is enabled. Disable the option if the LDAP server is not using the SSL (Secure Socket Layer) protocol.

    • Port: This field defaults to the standard SSL port (636) or non-SSL port (389) depending on whether the Use SSL option is enabled or disabled. If your LDAP server is listening on a different port, specify that port number.

    • Root LDAP Context: Displays the root context for the LDAP directory. The root context establishes the point in the directory where you can begin to browse for user containers. Specifying a root context can enable you to easily navigate to the directory, but it is optional. If you do not specify a root context, the directory’s root container becomes the entry point.

    • Ignore Dynamic Groups in eDirectory: This option controls whether dynamic groups are displayed on a user’s page. If you select Ignore Dynamic Groups in eDirectory, administrators cannot assign a policy or a bundle to a dynamic user group, and dynamic group membership is not computed when calculating the effective assignments for any user.

  4. (Optional) On the Certificate page (which is displayed only if the connection is using SSL), review the certificate information, then click Next.

  5. On the Credentials page, specify a username and password to access the directory, then click Next.

    • Username: Specify the username for a user that has read-only access to the directory. The user can have more than read-only rights, but read-only rights are all that is required and are what is recommended.

      For Novell eDirectory access, use standard LDAP notation. For example:

      cn=admin_read_only,ou=users,o=mycompany

      For Microsoft Active Directory, use standard domain notation. For example:

      AdminReadOnly@mycompany.com

      For DSfW, use standard LDAP notation. For example:

      cn=admin_read_only,ou=users,dc=mycompany,dc=com

    • Password: Specify the password for the user you specified in the Username field.

  6. On the Authentication Mechanisms page, select Username/Password, then click Next.

  7. On the User Containers page, add all containers that hold the accounts of users to whom you want to provide mobile management access, then click Next.

  8. Complete the wizard.

NOTE: If a configured user source is deleted and the same user source is then configured again, all mobile devices that were enrolled using the earlier user source must be re-enrolled to the ZENworks Management Zone. Before re-enrolling these devices, ensure that the respective device objects are deleted from ZCC.
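
The values entered in steps 3 to 7 can be checked from a shell before running the wizard. The following is an added example, not part of the ZENworks documentation or tooling; it assumes the OpenSSL and OpenLDAP command-line clients are installed, and the function names, host names and DNs are constructed placeholders.

```shell
#!/bin/sh
# Added example: pre-flight checks for the Create New User Source Wizard inputs.
# All hosts, DNs and containers shown here are constructed placeholders.

# Step 3: build the LDAP URI from Address, Use SSL (yes/no) and optional Port.
# The port defaults to 636 with SSL and 389 without, as the wizard does.
ldap_uri() {
    addr=$1; use_ssl=$2; port=$3
    if [ "$use_ssl" = "yes" ]; then
        scheme=ldaps; : "${port:=636}"
    else
        scheme=ldap; : "${port:=389}"
        # A simple bind over ldap:// carries the password unencrypted.
        echo "warning: SSL disabled, bind password is sent in cleartext" >&2
    fi
    printf '%s://%s:%s\n' "$scheme" "$addr" "$port"
}

# Step 4: print the certificate the server presents, so it can be compared
# with what the wizard's Certificate page displays.
show_ldaps_cert() {
    addr=$1; port=${2:-636}
    openssl s_client -connect "$addr:$port" </dev/null 2>/dev/null |
        openssl x509 -noout -subject -issuer -enddate -fingerprint -sha256
}

# Steps 5-7: bind with username/password as the service account and read one
# user container (base-scope search, no attributes requested). -W prompts for
# the password so it does not appear in argv or shell history.
check_container() {
    uri=$1; bind_user=$2; container=$3
    ldapsearch -x -LLL -H "$uri" -D "$bind_user" -W \
        -b "$container" -s base '(objectClass=*)' 1.1
}

# Usage (constructed values, run interactively):
#   uri=$(ldap_uri ldap.example.com yes)
#   show_ldaps_cert ldap.example.com
#   check_container "$uri" 'cn=admin_read_only,ou=users,o=mycompany' \
#       'ou=users,o=mycompany'
```

A successful `check_container` run confirms both that the account can authenticate with username/password and that it can read the container you plan to add on the User Containers page.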