- Before enabling LDAP in Noodle, ensure your license key will accommodate the total number of users (local and from the AD group).
- Using SSL requires a client certificate installed on the Noodle server.
- LDAP should only be used if you manage your own Noodle server.
- Synchronizing fields: firstname, lastname, email, phone1, phone2, pager, mobile, fax, address, city, state, country, zip, note, expiry, change password on login, locked
- Other synchronizing fields can be added in "System Tools > People > Administration > Settings > User Fields".
- Make sure the main user is in the Users container, not a custom OU (Organizational Unit).
- Saving a password from the intranet to AD requires SSL to be installed on Active Directory (a security policy required by AD).
- Password fields are disabled for AD users if SSL is disabled.
- A domain drop-down appears on the login page when Active Directory is enabled, allowing selection of the proper domain.
- Noodle uses LDAP access to connect to AD on port 389 (no SSL) or 636 (with SSL).
- To import Active Directory users to Noodle you must provide login credentials that have administrative rights on the Active Directory.
- Noodle imports ONLY users that are direct members of the “Group Name” specified in Noodle (users from sub groups will not be imported).
- When Active Directory is enabled, a new domain drop down box will be displayed under the password field on the Noodle login page.
- Adding users to Active Directory, the primary domain, and the security group specified will add them to Noodle in about a minute.
- Removing a user from any of those three will disable the user in Noodle in about 5 minutes.
- Authentication requests are forwarded from Noodle to Active Directory in real time.
- Multiple DCs can be used by separating the settings with commas.
- AD has at least 3 names per user:
- "Logon Name"
- "Pre-Windows 2000" (Legacy Logon Name)
- "Common Name" (Full Name)
Make sure they are all set to the same value for the main user to simplify authentication. Noodle uses the "Common Name", not the "Logon Name", to authenticate the system user, and also uses these compound names:
- "Principal Name" (Logon Name + Primary domain)
- "Distinguished name" (Common Name + Organizational Units + Domain Controllers)
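
The note above that only direct members of the "Group Name" are imported can be checked before enabling the sync. The following is an added example, not Noodle's own code: the page does not say how Noodle queries AD, so the two filters are standard Active Directory LDAP filters, and the group names, DNs and directory entries are constructed. It lists the users a direct-membership import would silently skip.

```python
# Added example: preview direct vs. nested group membership on constructed data.
GROUP = "CN=Noodle Users,CN=Users,DC=example,DC=com"  # hypothetical "Group Name"
SUB = "CN=Sales (EU),OU=Groups,DC=example,DC=com"     # hypothetical sub-group

# Constructed sample directory: DN -> (object class, memberOf values)
DIRECTORY = {
    "CN=Alice Admin,CN=Users,DC=example,DC=com": ("user", [GROUP]),
    "CN=Bob Sales,OU=Sales,DC=example,DC=com": ("user", [SUB]),
    "CN=Carol Ops,OU=Ops,DC=example,DC=com": ("user", []),
    SUB: ("group", [GROUP]),  # the sub-group is itself a member of GROUP
}

def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def direct_filter(group_dn):
    """Filter matching only users whose memberOf lists the group itself."""
    return "(&(objectClass=user)(memberOf=%s))" % escape_filter_value(group_dn)

def nested_filter(group_dn):
    """AD-specific transitive match (LDAP_MATCHING_RULE_IN_CHAIN)."""
    return ("(&(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:=%s))"
            % escape_filter_value(group_dn))

def direct_members(group_dn, directory=DIRECTORY):
    """Users that a direct-membership import would pick up."""
    return sorted(dn for dn, (cls, groups) in directory.items()
                  if cls == "user" and group_dn in groups)

def all_members(group_dn, directory=DIRECTORY):
    """Users reachable through any chain of group nesting (loop-safe)."""
    seen, todo, users = set(), [group_dn], set()
    while todo:
        current = todo.pop()
        if current in seen:
            continue
        seen.add(current)
        for dn, (cls, groups) in directory.items():
            if current in groups:
                if cls == "user":
                    users.add(dn)
                else:
                    todo.append(dn)
    return sorted(users)

def skipped_by_import(group_dn, directory=DIRECTORY):
    """Nested-only users: in the group by inheritance, but not imported."""
    return sorted(set(all_members(group_dn, directory))
                  - set(direct_members(group_dn, directory)))
```

The length of `direct_members(GROUP)` plus the local users is the figure to compare against the license key; anyone returned by `skipped_by_import(GROUP)` has to be added to the group directly to be imported.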