User Directory (DB, LDAP)
Posted on Nov 08, 2018 in General - Blog Home
WaZa MDM supports two types of user directories for user authentication.
- Local (DB Based)
- Remote (LDAP/Active Directory)
Local (DB Based)
Local DB based is the default configuration for user directory. If you dont wan't to use your corporate user directroty (AD/LDAP) for user authentication, you should select this option. Local user directory cofiguration uses WaZa MDM database. Initially local user directory is empty. You will need to add users manually after you have completed the intial setup of WaZa MDM acccount.
Remote (LDAP/Active Directory)
WaZa MDM supports LDAP protocol to connect to remote directories. When the user/device connects to WaZa MDM WaZa MDM tries to authenticate the user against the remote directory. If the authentication is successful, a user profile (e.g. name, email, department) is created locally in WaZa MDM for user/device management & and reporting purposes.
WaZa MDM can be configured to lookup user attributes from remote directory to populate various user profile fields (e.g. First Name, Last Name, Email etc) in WaZa MDM database. You can do so by providing mapping between remote directory attributes to user profile fields in WaZa MDM database e.g. if you want to auto populate first name of the user upon successful user/device authetication, you can specify the mapping (LDAP/AD to DB Mapping field as shown in the picture below) as first_name=givenName
where givenName is your remote directroy attribute, which can be different in your case. first_name
is WaZa MDM database field name to be populated. The complete list of fields that can be popolated are listed at the directroy configuration page in WaZa MDM Management Console.