The UMRA LDAP functions are typically used in a Microsoft Active Directory
network environment in which another directory service co-exists in the
same network infrastructure, for instance Novell eDirectory or an OpenLDAP
implementation on Linux. As long as the directory service supports LDAP,
it can be managed with UMRA.
LDAP Server and LDAP Client
The computer that runs the directory service and supports LDAP is referred
to as the LDAP Server. The software that connects to the LDAP Server is
referred to as the LDAP Client. According to these conventions, the UMRA
software always acts as the LDAP Client and the contacted directory service
system is the LDAP Server.
Helpdesk scenario
In a helpdesk environment, the UMRA Forms client runs on a helpdesk
computer. When a helpdesk employee submits a form, the form and the form
input data are sent to the UMRA Service. The UMRA Service executes the
script associated with the form. In a hybrid directory service environment,
the script contains UMRA LDAP script actions to manage the LDAP directory
service.
Figure: Network with helpdesk running UMRA Forms in a hybrid directory services network.
Security
The LDAP protocol supports a large variety of features for security
and authentication. With UMRA, two options are available:
Not secure: All communication between the LDAP Server
and the UMRA software is unencrypted. Authentication is accomplished
using an account name and a password that is sent as clear text. Although
simple to implement, this option is not recommended for security
reasons. The option can be used for testing purposes.
Secure with SSL: All communication between the
LDAP Client, e.g. the UMRA software, and the LDAP Server is encrypted using
the SSL standard. This option is secure and recommended: all data is encrypted.
To implement this option, SSL certificates need to be installed on both
the LDAP Client and Server. How to do this depends largely on the
operating system and the directory service implementation. For
Microsoft Active Directory, Novell eDirectory and Linux OpenLDAP the exact
implementations are described in this document. For other systems, a similar
approach must be used. For more detailed information, see the document
Managing LDAP directory services with UMRA on our website.
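
The difference between the two options is visible on the wire. The following is an added example, not part of the UMRA software or its documentation: it builds a constructed LDAPv3 simple bind request (RFC 4511) and inspects it the way a network monitor would, showing that the password is readable unless the session is wrapped in SSL. The function names, DN and password are assumptions made up for illustration.

```python
# Added illustration; names, DN and password below are constructed samples.
def _enc(tag, value):
    """Encode one BER element (short or long definite length)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value

def _tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low bits = count of length bytes
        count = length & 0x7F
        if not 1 <= count <= 4:
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def build_simple_bind(msg_id, dn, password):
    """Bytes of an LDAPv3 simple BindRequest as sent without SSL (RFC 4511)."""
    op = _enc(0x02, b"\x03") + _enc(0x04, dn.encode()) + _enc(0x80, password.encode())
    return _enc(0x30, _enc(0x02, bytes([msg_id])) + _enc(0x60, op))

def inspect_bind(payload):
    """Monitor-side check: report a cleartext simple bind, or None otherwise."""
    try:
        tag, msg, _ = _tlv(payload, 0)
        if tag != 0x30:                     # not an LDAPMessage, e.g. an SSL/TLS record
            return None
        _, _, pos = _tlv(msg, 0)            # skip messageID
        tag, op, _ = _tlv(msg, pos)
        if tag != 0x60:                     # [APPLICATION 0] = BindRequest
            return None
        _, _, pos = _tlv(op, 0)             # skip version
        _, dn, pos = _tlv(op, pos)
        tag, cred, _ = _tlv(op, pos)
    except (ValueError, IndexError):
        return None
    if tag != 0x80:                         # [0] = simple; SASL uses [3]
        return None
    # Report the finding without echoing the credential itself.
    return {"bind_dn": dn.decode("utf-8", "replace"), "password_bytes_exposed": len(cred)}

if __name__ == "__main__":
    wire = build_simple_bind(1, "cn=admin,dc=example,dc=com", "S3cret!")
    print(b"S3cret!" in wire, inspect_bind(wire))
```

A payload that begins with an SSL/TLS record header instead of an LDAP message makes inspect_bind return None, which is what a monitor should see for every UMRA connection configured as Secure with SSL.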