Spotfire Ideas Portal
Status Implemented
Product Spotfire
Created by Guest
Created on May 11, 2016

Automatically limit LDAP USERS being synchronized to only those members that are included in the LDAP GROUPS being synchronized.

LDAP enhancement requests to help with syncing of users into the Spotfire environment:

For us, the Spotfire LDAP sync of users is very inefficient and could be greatly improved with a couple of enhancements. Spotfire reads through and syncs the entire LDAP directory tree of ~800,000 users. The LDAP tree is very flat at. There are only a couple hundred Spotfire groups and users within those groups that need access to Spotfire.

Unfortunately, the Spotfire Server syncs the groups marked for group synchronization and then separately queries users based on the context-names and user search filter. It would be very useful to be able to limit the LDAP users synced to Spotfire to users that are in the synchronized groups. This would allow Spotfire greater flexibility in organizations where the LDAP tree is very flat and users are organized by Spotfire groups, but not much else.

The enhancement request here is to allow one the option of choosing that only users in the synchronized groups should be synced into Spotfire. In this case, Spotfire would query the groups, query users within the groups and then use those users as users to sync into Spotfire.
Implemented in 6.0
  • ADMIN RESPONSE
    Jun 3, 2016

    As of Spotfire 6.0 users can optionally be filtered so that only group members are retrieved from the LDAP servers during synchronization. Using this feature requires group synchronization to be enabled, otherwise the new option will be ignored. The new "filter users by groups" option is configured in the config-ldap-group-sync command line tool.

  • Guest
    Jun 3, 2016

    I don't think this is needed. We have an extremely large LDAP directory and our LDAP sync is very efficient. We actually sync every 30 minutes with 4 large LDAP directories on our Spotfire Servers. In 6.5 you can also now add wildcards (i.e. *) on the group names and even specify a partial group name and a full OU restricting the sync to specific groups. You can further trim the LDAP sync by specifying user OU contexts to search them on and setting filter-users-by-groups to true to only sync users which belong to a sync'ed LDAP group.
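The difference between the two sync strategies discussed in this thread, as an added example (not Spotfire code and not part of the original posts): it compares which accounts end up provisioned when users are selected by context search versus derived from the members of the synchronized groups. The directory entries, DNs, group names and the `fnmatch`-style wildcard matching are constructed assumptions; the example also shows the edge cases a group-first sync has to handle (case-differing DNs, dangling members, members outside the user context).

```python
from fnmatch import fnmatchcase

# Constructed sample directory (not real data): a flat tree where group
# membership is the only useful structure. Keys are entry DNs.
PEOPLE = "ou=people,dc=example,dc=com"
DIRECTORY = {
    "cn=alice,ou=people,dc=example,dc=com": {"objectClass": "person"},
    "cn=bob,ou=people,dc=example,dc=com": {"objectClass": "person"},
    "cn=carol,ou=people,dc=example,dc=com": {"objectClass": "person"},
    "cn=svc-etl,ou=service,dc=example,dc=com": {"objectClass": "person"},
    "cn=spotfire-analysts,ou=groups,dc=example,dc=com": {"objectClass": "group", "member": [
        "CN=Alice,OU=People,DC=example,DC=com",      # differs only in case
        "cn=svc-etl,ou=service,dc=example,dc=com",   # outside the user context
        "cn=gone,ou=people,dc=example,dc=com"]},     # dangling reference
    "cn=spotfire-admins,ou=groups,dc=example,dc=com": {"objectClass": "group", "member": [
        "cn=bob,ou=people,dc=example,dc=com"]},
    "cn=hr-all,ou=groups,dc=example,dc=com": {"objectClass": "group", "member": [
        "cn=carol,ou=people,dc=example,dc=com"]},
}

def norm(dn):
    # Simplified DN normalisation (ignores escaped commas): case-insensitive compare.
    return ",".join(part.strip().lower() for part in dn.split(","))

def in_context(dn, contexts):
    return any(norm(dn).endswith("," + norm(c)) for c in contexts)

def users_by_search(directory, contexts):
    """Context-based sync: every person entry under the user contexts."""
    return sorted(dn for dn, e in directory.items()
                  if e["objectClass"] == "person" and in_context(dn, contexts))

def users_by_groups(directory, group_patterns, contexts):
    """Group-first sync: only members of the synchronized groups are kept."""
    index = {norm(dn): dn for dn in directory}
    selected = set()
    for dn, entry in directory.items():
        if entry["objectClass"] != "group":
            continue
        cn = norm(dn).split(",")[0].split("=", 1)[1]
        if not any(fnmatchcase(cn, p.lower()) for p in group_patterns):
            continue
        for member in entry.get("member", []):
            real = index.get(norm(member))  # None for dangling member DNs
            if (real and directory[real]["objectClass"] == "person"
                    and in_context(real, contexts)):
                selected.add(real)
    return sorted(selected)
```

With the pattern `spotfire-*` and the `PEOPLE` context, the group-first selection returns only alice and bob, while the context search returns every person under that context.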