Validating on-demand synchronization policies, Managing ldap users, Viewing ldap users – H3C Technologies H3C Intelligent Management Center User Manual
Page 404: Viewing ldap users in the access user list, Managing ldap, Users
386
Validating on-demand synchronization policies
This function allows you to validate all newly added or modified on-demand synchronization policies.
To validate an on-demand synchronization policy:
1.
Access the LDAP synchronization policy list page.
2.
Click On-Demand Sync.
A confirmation dialog box appears.
3.
Click OK.
All the on-demand synchronization policies in valid state are validated.
Managing LDAP users
In UAM, an LDAP user is an access user or a device management user that is bound with an LDAP
synchronization policy.
During each synchronization process, the following operations are carried out:
•
For LDAP users in UAM that exist on the LDAP server, user information in UAM is overwritten by
information from the LDAP server.
•
For LDAP users in UAM that are removed from the LDAP server, UAM marks the LDAP user status as
Nonexistent.
•
For users that are newly added to the LDAP server, according to the synchronization policy, the
system synchronizes such users to UAM and creates new LDAP users accordingly.
Viewing LDAP users
UAM provides the following methods to view detailed information about LDAP users:
•
View LDAP users in the access user list.
•
View LDAP users in the all bound user list.
•
View LDAP users in the bound user list.
Viewing LDAP users in the access user list
1.
Click the User tab.
2.
Select Access User > All Access Users from the navigation tree.
The access user list displays all access users. Account names with the Bind User icon are LDAP
users.
LDAP user information contents
{
Account Name—Account name of an LDAP user.
{
User Name—Associated platform user name for an LDAP user.
{
User Group—Group that the platform user associated with the LDAP user belongs to.
{
Creation Date—Date when an LDAP user was created.
{
Validity Time—Date and time when the LDAP user becomes valid. An empty field indicates that
the LDAP user is already valid.