Share this page
LDAP settings
If your organization uses LDAP to manage user accounts, you can allow users to access OpenText Functional Testing Lab with their LDAP credentials. When using shared spaces, some settings are controlled globally by the operator. For details, see Shared space management.
This section is not relevant for OpenText Core SDP.
OpenText Core Functional Testing Lab: The LDAP must be accessible over the internet. Add the OpenText Core Functional Testing Lab URL to your allowlist if needed.
Enable the LDAP integration
You configure the integration with LDAP in the Administration settings > LDAP integration tab. When you enable LDAP mode, the configuration for at least one LDAP server must be provided. You can add multiple LDAP server configurations, provided that the host, port, and base DN of each server is unique. If you plan to assign an LDAP group to a workspace, either the User Group membership attribute, or the Group membership attribute must be specified in the LDAP server configuration.
When the Assign users to default workspace setting is enabled in Administration settings, a user is be assigned to the Default workspace:
- if there is no LDAP server/group assigned to the Default workspace OR
- if an LDAP server/group is assigned to the Default workspace, and the user is included in the server/groups.
Click ADD SERVER and specify the server details, including:
| Server Details | Description |
|---|---|
| Friendly Name | This is the name used when displaying the details of the LDAP server, and helps you to recognize the server. |
| Hostname and Port | Provide the hostname of IP address of the LDAP server, and the port used. |
| Base DN | The base distinguished name identifies the section of the directory where searches start. |
| User search filter | The User Search Filter setting indicates the form of the LDAP query used to find a user during login. It must include the pattern {0}, which is replaced with the relevant user details entered when a user logs in to OpenText Functional Testing Lab. If you specify CN={0}, it uses the Common Name (CN) for the LDAP query. If you specify mail = {0}, the email is used. |
| User name attribute |
The LDAP attribute to use for the display name of the user in OpenText Functional Testing Lab. |
| User group membership attribute | A user attribute that indicates the groups to which the user belongs, for example memberOf. |
| Group membership attribute |
A group attribute holding the list of group members. For example, uniqueMember or member. |
| Users sync filter |
Define a filter for which users to include when synchronizing LDAP users with OpenText Functional Testing Lab. The default filter (|(objectClass=person)(objectClass=user)(objectClass=organizationalPerson)) syncs all users under the Base DN. If not all users under the Base DN need access to OpenText Functional Testing Lab, update the filter to be used for the sync. |
Notes for upgrading:
-
Important: If you are upgrading from version 3.3 or earlier, log in to OpenText Functional Testing Lab with the default user admin@default.com. In Administration > Settings, check that the user name attribute is the same as the attribute used in the user search filter. Not performing this step may result in duplication of users.
- If LDAP was configured before the upgrade, the LDAP server configuration remains as it was and users are able to continue to log in as usual. The friendly name for the server is Server 1.
Important: When you enable or turn off LDAP mode, all existing users, excluding admin@default.com, are deleted.
For details on how to work with LDAP users, see Use LDAP. To use secure LDAP (SSL), see Use secure LDAP .
Delete an LDAP server configuration
You can delete an LDAP server configuration by selecting the configuration and clicking REMOVE. If the server, or groups included in the LDAP server, were assigned to one or more workspaces, the assignments are removed. Users included in the server/groups are no longer be able to log in to OpenText Functional Testing Lab.
Note that when LDAP mode is enabled, you require at least one LDAP server configuration.
See also:
